Senior Information Security Risk and Compliance Analyst
Labelbox’s mission is to build the best products for humans to advance artificial intelligence. Real breakthroughs in AI are reliant on the quality of the training data. Our training data platform enables organizations to improve their machine learning models far more quickly and accurately. We are determined to build software that is more open, easier to use, and singularly focused on getting our customers to performant ML faster.
Current Labelbox customers are transforming industries within insurance, retail, manufacturing/robotics, healthcare, and beyond. Our platform is used by Fortune 500 enterprises including Allstate, Black + Decker, Bayer, Warner Brothers and leading AI-focused companies including FLIR Systems and Caption Health. We are backed by leading investors including SoftBank, Andreessen Horowitz, B Capital, Gradient Ventures (Google's AI-focused fund), Databricks Ventures, Snowpoint Ventures and Kleiner Perkins.
As the Security and Operations Compliance Senior Analyst, you will be responsible for managing Labelbox’s SOC 2 Type 2 certifications, HIPAA compliance program, NIST 800-171 compliance, security policies, risk assessment, vendor security reviews, security training, and assisting with Labelbox security compliance projects. You will report to the General Counsel as part of the COO's organization. With Labelbox’s dramatic growth, this role could evolve to include leading other security and compliance staff.
What you’ll do:
- Lead Labelbox’s internal security and compliance program and manage associated systems (we use Drata).
- Support the solutions engineering team on security questionnaires and related activities.
- Support the Sales Team with leading calls with prospects and customers regarding Labelbox’s security and compliance.
- Manage the security committee.
- Support security compliance projects and audits (e.g. SOC 2, NIST 800-171, HIPAA).
- Manage the security training and awareness program.
- Manage the vendor security review program.
- Manage security policies and standards.
- Manage security policy exceptions.
- Manage the disaster recovery and business continuity plans and drills.
- Manage risk assessments across compliance types.
- Support the Legal and HR organizations on security operations and compliance-related activities.
- Build relationships with other Labelbox teams to accomplish security operations and compliance goals.
What you’ll need to succeed:
- 5+ years of security experience at an enterprise B2B SaaS company.
- Experience implementing and managing SOC 2 Type 2 certifications and HIPAA compliance.
- An aptitude to manage security and compliance programming and systems autonomously.
- Experience developing and managing security policies.
- Experience developing and managing security standards.
- Experience managing disaster recovery and business continuity programs.
- Experience managing security policy exceptions.
- Experience being responsible for and conducting vendor security reviews and risk assessments.
- Experience with NIST 800-171 compliance is a plus.
- Experience with cross-functional project management, collaboration and communication.
- A relentless curiosity and endless enthusiasm to continually improve.
- An ability to focus attention across multiple major projects and deadlines with proactive organization and flawless attention to detail.
Do great work. From anywhere.
We hire great people regardless of where they live. Work wherever you’d like; reliable internet access is our only requirement. We communicate asynchronously, work autonomously, and take ownership of our work.