Security And Compliance Specialist
Pathlock is a leader in application security, access governance, and compliance automation. Our cloud-based solutions help organizations secure critical applications, mitigate risk, and enforce policies across a diverse IT landscape.
About the Role
As a Security and Compliance Specialist, you will be responsible for maintaining our security posture, ensuring regulatory compliance, and managing our GRC program. This role requires a balance of technical expertise, regulatory knowledge, and strong communication skills to support our security initiatives across the organization.
Technical Skills Required
- Security Frameworks and Regulations : Comprehensive knowledge of ISO 27001, SOC, NIST, GDPR, and privacy frameworks
- Auditing and Compliance : Demonstrated experience conducting security audits and ensuring compliance with relevant regulations
- Data Privacy : Strong understanding of data privacy regulations and implementation of best practices
- Third-Party Risk Management : Experience managing vendor risk assessments and responding to customer due diligence requests
- GRC Tools : Hands-on experience working with and improving GRC platforms such as Drata or Vanta
- IT Infrastructure and Application Controls : Solid understanding of IT infrastructure elements including networks, operating systems, databases, and application controls
Core Competencies
- Communication Skills : Ability to explain complex concepts to technical and non-technical stakeholders
- Problem-Solving Skills : Analytical approach to identifying and resolving security and compliance issues
- Attention to Detail : Meticulous focus on accuracy and completeness in compliance documentation and processes
- Interpersonal Skills : Strong collaboration abilities with cross-functional teams and external stakeholders
- Flexibility : Willingness to support business needs across different time zones
- Organizational Skills : Excellent capability to manage multiple competing priorities effectively
Requirements
Must Have
- ISO 27001 experience as either an auditor or as part of the ISMS function
- Proficient speaking and reading English
- Practical experience working with and improving GRC tools such as Drata or Vanta
- Working knowledge of data privacy requirements
- Experience handling due diligence requests (security questionnaires and RFPs)
- Experience working with external and internal auditors
Nice to Have
- CISA (Certified Information Systems Auditor) certification
- CIPP (Certified Information Privacy Professional) certification
- Experience with cloud security certifications (AWS, Azure, GCP)
- Knowledge of additional regulatory frameworks (e.g., PCI DSS, CCPA)
- Experience implementing continuous compliance monitoring
Join our team and play a critical role in safeguarding our organization's information assets while ensuring we meet industry standards and regulatory requirements.
Why Join Pathlock?
- Opportunity to lead a cutting-edge cloud security platform.
- Work in a fast-paced, high-growth environment.
- Competitive compensation, benefits, and equity options.
- Collaborative and inclusive company culture.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
mais rapidamente
