Senior Compliance Analyst (Remote)
As a Senior Compliance Analyst on Drata’s Compliance team, you will be on the front line to make sure Drata can be successful in meeting its goals. You will be encouraged to blog, speak, and join events to talk about the work you are doing and encourage other companies to follow our lead. We will build solutions to ensure we are meeting our security and compliance obligations. This role will also focus heavily on automation as it is a core value to our business, we want you to lead the way in how companies automate their security and compliance programs while bringing new ideas to the Drata platform.
What you'll do:
- We want you to focus on automating the compliance process and making Drata the best product to do so by giving detailed feedback to product teams around the daily usage of the product
- Don’t just trust the process, improve it! Come up with innovative ways to solve compliance challenges that Drata and our customers face on a daily basis from everything to vendor management to onboarding/offboarding
- Watch the watchers! Ensure our security and engineering teams are meeting our security and compliance obligations
- Hack the planet! (who doesn’t love Hackers?) Work with the team on our bug bounties, blue/red team engagements, penetration tests and other fun projects
- Code is for building solutions, not in how you communicate. Work well with your peers and communicate clearly so they understand the WHY behind what we do
- Write the ancient artifacts of documentation so your peers know how things work in the environment and write policies/procedures that make sense for the business
- You like reading and learning about the latest technology and testing them out
What you’ll bring:
- You have 5-7 years of experience
- Bachelor's degree is required, and relevant certifications are a plus (CISA, CISM, CISSP, ISC, IAPP)
- You are passionate about developing solutions at the intersection of Compliance, Privacy and Security
- You have a solid understanding of how things operate in a SaaS environment
- You have a solid understanding of Risk Management and Vendor Management to lead discussions and manage risks and vendors.
- You are knowledgeable in SOC 2 , ISO 27001, and HIPAA and know how to audit internally
- You like taking the road less traveled when it makes sense, you analyze problems and find better ways to meet the business need
- Black Hat, White Hat or Wizard Hat, we don’t care we just want you to be passionate about security and helping our industry mature
- We live in the cloud so we need you to have AWS, GCP or Azure experience
- Watson is that you? We need you to be able to do in-depth troubleshooting to problem solve
- We are people who are curious and love to learn new things, we want you to have that desire as well
- Be Awesome! You are going to need to work well with your peers because they are often coming to you with problems while frustrated, be kind and clearly communicate to them to make things all better
Do you have a special set of skills?
- Want to code? We want you here to give our engineering team a run for their money (Python)
Benefits:
- Healthcare: 90-100% paid premiums for medical, dental, and vision plans for employee and dependents + on demand health care concierge
- HSA, FSA, & DCFSA: Pre-tax savings plans for healthcare and dependent care, with up to a $600 annual employer contribution to the HSA plan (if enrolled in HSA medical plan)
- 100% paid short and long term disability plus life + AD&D benefits
- Learning & Development: $500 annually towards professional development opportunities + $250 annually towards personal development opportunities
- Flexible Time Off: Flexible vacation policy for strong, fully charged batteries
- 16 Weeks Paid Parental Leave: An inclusive policy to ensure you have time with your newborn, newly adopted, or foster child
- Work Remotely: Flexible hours and work from home + $1,000 annually to cover necessary business related items for your home office
- 401K: Reach your financial goals while reducing your taxes
This role will receive a competitive base salary, benefits, and equity. The applicable salary range for each US-based role is based on where the employee works and is aligned to one of 3 tiers based on the cost of labor for that geographic area. The expected salary ranges for this role are set forth below.
Tier 1: $133,450 - $164,850
Tier 2: $120,105 - $148,365
Tier 3: $106,760 - $131,880
Here you can view which geographic pay tier applies to you, based on where you permanently reside and work. A variety of factors are considered when determining someone’s leveling and compensation – including a candidate’s professional background and experience. What tier you are aligned to is non-negotiable and is solely dependent on where you permanently reside. These ranges and tier alignments may be modified in the future and final offer amounts may vary from the amounts listed above.
Drata is on a mission to help build trust across the internet.
Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure audit readiness.
We all recognize the importance of earning and keeping the trust of our customers when it comes to protecting their data. We've felt firsthand how burdensome achieving and maintaining a strong security and compliance posture can be at a fast-growing company. It’s a manual, redundant, error-prone, and unscalable process - and it only grows more complex and expensive over time.
Our team of SaaS, security, compliance, and audit experts have built a better way - with automation.
Employment at Drata is based solely upon individual merit and qualifications directly related to professional competence. We strictly prohibit unlawful discrimination or harassment on the basis of race, color, religion, veteran status, national origin, ancestry, pregnancy status, sex, gender identity or expression, age, marital status, mental or physical disability, medical condition, sexual orientation, or any other characteristics protected by law. We also make reasonable accommodations to meet our obligations under laws protecting the rights of the disabled.
