Senior Risk and Compliance Engineer, Security
Who We Are:
At Calm, we have a simple, albeit BIG mission: to make the world a happier and healthier place. Through our website, blog, and app—filled with meditations, sleep stories, music, movement, and more—we’re redefining what mental care looks like in 2021 and beyond. With over 100 million users worldwide, 100,000 new users daily, and our growing partnerships with major companies, we’re having a positive effect on more and more people each and every day. And while the heart of Calm is digital, we are growing and expanding offline with a variety of products and services to help deliver on our mission of health and happiness, the world over.
What We Do:
To be the technical leader on a world-class Security & Compliance engineering team who work across the Calm organization to define, coordinate, and implement Calm’s security and compliance strategy to support Calm’s product today and accelerate the speed that we build Calm’s tomorrow. You’ll be involved from company strategy to implementing, scaling, and maintaining toolsets. You have a background in security and understand security is both a marathon, not a sprint, and a business enabler, not a blocker. We want you to bring your technical mindset with you, as you mentor early career engineers and support their development and guide our architectural evolution.
What You'll Do:
As a member of our team, you will be an integral part in building a world-class security and compliance team that empowers the business by instilling trust in Calm from our customers and partners. We are a team of pragmatic technologists that place securing our customers’, partners’, and organization’s data at the forethought of our decision making while valuing a can-do attitude, collaboration, learning, and curiosity.
To be the voice of Risk and Compliance on our world-class Security & Compliance engineering team who work across the Calm organization to define, coordinate, and implement Calm’s security and compliance strategy to support Calm’s product today and accelerate the speed that we build Calm’s tomorrow. You’ll be involved from company strategy to implementing, scaling, and maintaining compliance frameworks. You have a background in security and understand security is both a marathon, not a sprint, and a business enabler, not a blocker. We want you to bring your compliance mindset with you, as you work cross-functionally across the business to ensure we understand and meet our security and compliance goals.
- Compliance lead
- Identify and help solve the open questions in our approach to HIPAA compliance, in addition to evaluating and implementing future frameworks (e.g. ISO 27001)
- Partner with legal, policy, and engineering stakeholders to create and enhance policies to support Calm’s compliance program
- Work with cross-functional stakeholders to get aligned with company-wide goals, and then use this context to prioritize compliance initiatives appropriately
- Lead external audits performed by both third-party auditors, customers’, and partners’.
- Assist in establishing a vendor-risk process to support the implementation of new technologies and tools across the organization.
Who You Are:
- Deep understanding of cloud concepts and their relation to HIPAA, SOC 2, and ISO 27001.
- Understanding of how to navigate an organization to implement the necessary controls and gather audit artifacts to ensure compliance is achieved and maintained.
- Ability to present technical findings and their business impacts to key stakeholders.
- Growth mindset: receives feedback easily and incorporates it quickly
- Pragmatic: balance scrappiness and rigor
- Great technical communicator
- Strong attention to detail
- Strong product and architectural instincts
Nice-to-Haves:
- Startup experience
- Big 4 or external audit experience
Benefits
- Competitive salary and equity
- “Take the time you need” approach to time off
- Coverage for medical, dental, & vision insurance plans
- 401K
- Home office stipend
- Supportive wellbeing benefits including our EAP support, and monthly wellbeing reimbursement
- Commuter benefits
- Life insurance and disability benefits
- Remote-first environment that allows you to work flexibly from many locations
- Opportunity to work with a product focused on making the world happier and healthier
We believe that mental health is health, and every person should be considered in the discussion. That’s why we’re proud to be an equal opportunity workplace, committed to equal employment opportunity regardless of race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or any other characteristic protected by applicable federal, state or local law.
Calm is deeply committed to diversity, equity and inclusion, both in our hiring practices and in our experiences as a Calm employee. We strive to create a mindful and respectful environment where everyone can bring their authentic self to work, and experience a culture that is free of harassment, racism, and discrimination.
Calm is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. Please inform Calm’s Recruiting team if you need any assistance completing any forms or to otherwise participate in the application process.