HashiCorp ยท 4 hours ago
Compliance Analyst II, GRC, Product Readiness
Maximize your interview chances
Cloud InfrastructureCyber Security
H1B Sponsor Likely
Insider Connection @HashiCorp
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Work closely with product development teams to incorporate security and compliance requirements into the product development lifecycle, ensuring that all products are built with compliance in mind from the ground up.
Conduct real-time assessments of products and features during development, identifying potential compliance risks and providing actionable recommendations to address gaps.
Define the scope of compliance controls and requirements for new and existing products, ensuring that all relevant aspects of the product are covered.
Provide ongoing guidance to product teams on security controls and industry best practices, helping them navigate complex compliance landscapes.
Leverage your technical expertise and deep understanding of the product to effectively collaborate with the rest of the GRC team, ensuring alignment and accuracy of understanding during audits. Lead internal and external audits related to product compliance, ensuring that all documentation and controls are in place and up to date.
Collaborate with cross-functional teams, including product managers and engineers, to integrate security controls into development and operational processes.
Help develop and deliver live training on security and compliance requirements and control owner responsibilities.
Identify assets utilized in the services/products that impact compliance and ensure they are documented in the scope/boundaries of the compliance program including updates, removals and additions.
Assisting with internal audits, control testing and external audits
Work with Engineering teams to identify automation opportunities of manual tasks, such as continuous monitor of controls and audit evidence collection
Support other GRC work as required.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Minimum of 2-5 years of related professional compliance and controls program experience
Previous experience in a cloud environment, preferably AWS and/or Azure
Experience with modern development and operations patterns and practices, with a strong understanding of how to embed security controls into these processes.
Advanced level knowledge either controls and control frameworks
Comfortable working with both deeply technical and non-technical resources
Flexible in daily hours (e.g. willingness to work longer hours during end of quarter, peak periods, and audit)
Highly responsive
Ability to prioritize and track multiple projects and tasks in parallel
Excellent communication and collaboration skills. Ability to work effectively with cross-functional teams and provide clear guidance on complex compliance issues.
Deep understanding of common security compliance frameworks, attestations and certifications
Understanding of infrastructure as code and related controls
Previous experience at a technology or SaaS company in a similar role
Existing experience with HashiCorp products
Experience working with OSCAL
Company
HashiCorp
HashiCorp is a remote-first company that solves development, security, and operations challenges in infrastructure.
H1B Sponsorship
HashiCorp has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (18)
2022 (42)
2021 (31)
2020 (7)
Funding
Current Stage
Public CompanyTotal Funding
$349.18MKey Investors
Franklin TempletonIVPNotable Capital
2024-04-24Acquired
2022-07-29IPO
2021-03-01Secondary Market
Recent News
GlobeNewswire News Room
2024-12-03
2024-10-22
Company data provided by crunchbase