Sr. Compliance Specialist

Posted 11 Days Ago
Be an Early Applicant
Bengaluru, Karnataka
Expert/Leader
Cloud • Information Technology • Security • Software
The Role
The Senior Compliance Specialist will lead compliance efforts by executing controls, conducting audits, facilitating user access reviews, and tracking remediation plans. Responsibilities include monitoring compliance frameworks, documenting processes, and overseeing security training and controls testing.
Summary Generated by Built In

Senior Compliance Specialist (Security GRC) 

About the Role 

We are looking for a Senior Compliance Specialist (Security GRC) to join the Security GRC team at HashiCorp. In this role you will focus on leading efforts to execute/facilitate ongoing compliance controls and processes, including performing user access reviews, tracking gaps and remediation plans, following up on overdue security training, and others. You will also perform controls testing and internal audits, and work with teams on control rollout and validation as needed.

We are looking for a self-motivated individual who thrives in a fast-paced environment, can seamlessly drive efforts across multiple projects, and work with various stakeholders. 

Security at Hashicorp is a remote team. While prior experience working remotely isn’t required, we are looking for team members who can perform well given a high level of independence and autonomy. 


In this role, your responsibilities will include: 

  • Monitoring and tracking of control exceptions, if applicable, for timeliness of remediation 
  • Monitoring and tracking of approved policy exceptions, if applicable, for upcoming expiration dates, performing outreach 30-60 dates before expiration. 
  • Perform internal audits, including the annual ISO internal audit
  • Perform targeted and ongoing controls testing, and identifying opportunities for automation
  • Document the scope/boundaries of the compliance program (cloud accounts, repositories, Github teams, etc.) including updates, removals and additions. 
  • Help drive the maturity of HashiCorp’s Common Controls Framework
  • Identify opportunities to automate manual tasks, including continuous monitor of controls and audit evidence collection
  • Drive the initiation and completion of User Access Reviews (UARs) on a quarterly basis 
  • Collect and report on metrics and data related to GRC processes, including access reviews and exceptions
  • Monitoring of Security Awareness Training (SAT) and Secure Development Training for completion, and following up on incomplete and overdue training
  • Support making changes to the controls framework using Github
  • Help develop and document minimum control test procedures for each control in the controls framework
  • Perform reviews of mappings in the controls framework to associated materials, such as the Security Policy, Security Exhibit, etc. upon changes being made to those materials 
  • Support the development of audit documentation such as prep agendas, walkthrough agendas, etc.
  • Support and perform other GRC work and initiatives as assigned and needed


Must have qualifications

  • Minimum of 8 years of related professional security, risk and compliance experience
  • Previous experience in a cloud environment, preferably AWS and/or Azure
  • Advanced level knowledge either SOC 2 or ISO 27001
  • Comfortable working with both deeply technical and non-technical people 
  • Flexible in daily hours (e.g., willingness to work longer hours during end of quarter and peak periods, and audit) 
  • Highly responsive 
  • Ability to prioritize and track multiple projects and tasks in parallel

Desired Qualifications

  • Experience working in a large, multi-cloud environment
  • Deep understanding of common security compliance frameworks, attestations and certifications
  • Previous experience at a technology or SaaS company in a similar role 
  • Experience working with OSCAL 

    LI-AD1

    #LI-Hybrid

Top Skills

AWS
Azure
The Company
HQ: San Francisco, CA
1,200 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

HashiCorp was founded by Mitchell Hashimoto and Armon Dadgar in 2012 with the goal of revolutionizing datacenter management: application development, delivery, and maintenance. The datacenter of today is very different than the datacenter of yesterday, and we think the datacenter of tomorrow is just around the corner.

Similar Jobs

Capco Logo Capco

Advanced Data Analytics - Reg Compliance & Doc Specialist

Fintech • Professional Services • Consulting • Energy • Financial Services • Cybersecurity • Generative AI
Bengaluru, Karnataka, IND
6000 Employees

Novo Logo Novo

Compliance & TPRM- Lead

Fintech • Financial Services
Bangalore, Bengaluru, Karnataka, IND
315 Employees

Unity Logo Unity

IT SOX Compliance Lead

Artificial Intelligence • Gaming • Machine Learning • Software • Virtual Reality • Design • Metaverse
Bengaluru, Karnataka, IND
5500 Employees
South, Lingarajapura, Bangalore, Karnataka, IND
3753 Employees

Similar Companies Hiring

InCommodities Thumbnail
Renewable Energy • Machine Learning • Information Technology • Energy • Automation • Analytics
Austin, TX
234 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account