Compliance Manager at FloQast
FloQast is looking for an Compliance Manager with advanced and demonstrated experience working with SOC1, SOC2, ISO 27001/17/18, Privacy Frameworks such as GDPR, CCPA, and other regulatory or compliance Frameworks. This role will manage all Security Compliance activities for FloQast and will work across the organization's functions (Engineers, DevOps, Security, Product, IT, HR, Legal, etc.) to ensure requirements are understood and controls are implemented correctly. This role will also play a crucial role engaging with external parties, including security auditors, customers, and vendors as needed.
This role will be responsible for helping to design and iterate on security controls to address these compliance concerns in a way that helps empower and maintain FloQast’s culture of rapid innovation. In this role, you will stay informed about the dynamic regulatory landscape, industry trends and internal operations, and will communicate and drive delivery of innovative solutions for compliance at scale. This position requires a mix of broad business and technical acumen with strong people skills, the ability to inspire and influence decisions around security and compliance risk management, and a polished ability to communicate with key executives, external auditors, vendor, and the customers.
You will be the first person to sit in this role that has previously been co-managed by IT, Security and Legal. As the first person, you will have the ability to set your mark on FloQast and over time build out the compliance team and compliance infrastructure. We are looking for people excited to have the opportunity to start a fresh team and build a new department.
Working with a myriad of product, engineering, and SaaS infrastructure management teams to implement and manage compliance. The Security Risk & Compliance Manager will:
- Manage all Internal & External Security Compliance engagement activities
- Understand compliance requirements of engineering, product, and cloud infrastructure delivery teams
- Develop and oversee control systems to prevent or deal with violations of legal guidelines and internal policies related to SOC, ISO 2700, GDPR, CCPA, and other standards
- Keep abreast of regulatory developments within or outside of the company as well as evolving best practices in compliance control, integrating them, where required, into daily business activities
- Manage external audits, third party penetration tests, and customer assessments, working closely with the Security and IT teams on audit findings and related remediation
- Develop a strategy to implement and maintain a centralized audit evidence repository to support all Security Compliance evidence gathering and maintenance activities
- Maintain ongoing oversight of concurrent, company-wide programs and ongoing initiatives impacting Security Compliance
- Serve as compliance subject matter expert providing guidance
- Develop compliance strategy in alignment with business requirements, objectives and metrics
- Translate legal, statutory and contractual obligations into a unified collection of processes and provide the respective stakeholders with compliance requirements and methodologies
- Work very closely with many cross-functional teams to communicate and integrate control requirements (HR, Finance, Legal, others etc.)
- Collaborate with Legal, IT, Security and HR departments to monitor the enforcement of standards and regulations
- Support vendor security reviews and client agreements process in assessing security requirements from potential customers
- Manage all Internal & External Security Compliance engagement activities
- You will build and manage the programs supporting our existing and ongoing compliance control activities and initiatives
- Drive project activities to ensure requirements and schedules are met
- Assist with Security Compliance activities as required
- Evaluate the efficiency of controls and improve them continuously
- Revise procedures, reports, etc. periodically to identify hidden risks or non-conformity issues
- Draft, modify and implement related company policies
- Assess the business’s future ventures to identify possible compliance risks
- Review the work of colleagues when necessary to identify compliance issues and provide advice or training
- Prepare reports for senior management and external regulatory bodies as appropriate
Desired Qualities and Skills:
- 5+ years working experience within Data Security & Compliance
- 3+ years experience managing Compliance activities as part of a company (not just in a consulting capacity) that includes managing people
- BS or MS in computer science or related field
- Expert understanding of SOC 1, SOC 2, GDPR, ISO 27001, CCPA regulations and frameworks.
- Expert understanding of Cloud Controls and environments
- A strong foundation in IT solutions development and deployment
- Practical understanding of IT Security Compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment (AWS).
- Strong analytical, diagnostic, critical thinking and project management skills
- Excellent problem-solving, negotiation and decision-making skills.
- Excellent written and oral communication skills
- Strong Engagement skills (Internal & External)
- Successful demonstrated experience managing and working with external auditors
- Successful demonstrated experience managing and working with internal cross-functional teams and product engineering groups
- Successful demonstrated experience communicating and reporting to Senior leadership
About FloQast www.floqast.com
FloQast is a fast-growing, Los Angeles-based, growth-stage company redefining how a critical business process (financial close) is performed. Our growth and success are fueled by a passion to define and dominate the close management software market. We are the first company of our kind to focus specifically on the mid-market. Our prospects have been hungry for a solution like FloQast and the response has made FloQast among the fastest growing FinTech companies with now more than 750 customers, including Lyft, Zoom, Twilio and the Golden State Warriors.
- We are fanatics about the success of our customers. Check us out on G2 Crowd
- We are equally fanatic about creating and maintaining a fabulous culture of support and success for all employees.
- We are moving quickly and there is a huge upside opportunity in terms of career growth
- FloQast offers competitive compensation, stock options, full benefits, and a positive and supportive work environment
- Named among Best Places to Work by LA Business Journal in 2017, 2018 and 2019
- Ranked #10 on The SaaS 1000
FloQast, Inc is committed to operating fair and unbiased recruitment procedures allowing all applicants an equal opportunity for employment, free from discrimination on the basis of religion, race, sex, age, sexual orientation, disability, color, ethnic or national origin, or any other classification as may be protected by applicable law. We aim to recruit the right people for the jobs we have to offer, and to assess applications on the basis of relevant skills, education, and experience. We welcome people of different backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and strive to provide a professional and welcoming workplace for all employees.