FloQast is looking for a Compliance Manager with advanced and demonstrated experience working with SOC1, SOC2, ISO 27001/17/18, Privacy Frameworks such as GDPR, CCPA, and other regulatory or compliance Frameworks. This role will manage all Security Compliance activities for FloQast and will work across the organization's functions (Engineers, DevOps, Security, Product, IT, HR, Legal, etc.) to ensure requirements are understood and controls are implemented correctly. This role will also play a crucial role in engaging with external parties, including security auditors, customers, and vendors as needed.
This role will be responsible for helping to design and iterate on security controls to address these compliance concerns in a way that helps empower and maintain FloQast’s culture of rapid innovation. In this role, you will stay informed about the dynamic regulatory landscape, industry trends and internal operations, and will communicate and drive delivery of innovative solutions for compliance at scale. This position requires a mix of broad business and technical acumen with strong people skills, the ability to inspire and influence decisions around security and compliance risk management, and a polished ability to communicate with key executives, external auditors, vendors, and customers.
You will be the first person to sit in this role that has previously been co-managed by IT, Security and Legal. As the first person, you will have the ability to set your mark on FloQast and over time build out the compliance team and compliance infrastructure. We are looking for people excited to have the opportunity to start a fresh team and build a new department.
*Visa sponsorship is NOT available at this time
Working with a myriad of product, engineering, and SaaS infrastructure management teams to implement and manage compliance. The Security Risk & Compliance Manager will:
- Manage all Internal & External Security Compliance engagement activities
- Understand compliance requirements of engineering, product, and cloud infrastructure delivery teams
- Develop and oversee control systems to prevent or deal with violations of legal guidelines and internal policies related to SOC, ISO 2700, GDPR, CCPA, and other standards
- Keep abreast of regulatory developments within or outside of the company as well as evolving best practices in compliance control, integrating them, where required, into daily business activities
- Manage external audits, third party penetration tests, and customer assessments, working closely with the Security and IT teams on audit findings and related remediation
- Develop a strategy to implement and maintain a centralized audit evidence repository to support all Security Compliance evidence gathering and maintenance activities
- Maintain ongoing oversight of concurrent, company-wide programs and ongoing initiatives impacting Security Compliance
- Serve as compliance subject matter expert providing guidance
- Develop compliance strategy in alignment with business requirements, objectives and metrics
- Translate legal, statutory and contractual obligations into a unified collection of processes and provide the respective stakeholders with compliance requirements and methodologies
- Work very closely with many cross-functional teams to communicate and integrate control requirements (HR, Finance, Legal, others etc.)
- Collaborate with Legal, IT, Security and HR departments to monitor the enforcement of standards and regulations
- Support vendor security reviews and client agreements process in assessing security requirements from potential customers
- You will build and manage the programs supporting our existing and ongoing compliance control activities and initiatives
- Drive project activities to ensure requirements and schedules are met
- Assist with Security Compliance activities as required
- Evaluate the efficiency of controls and improve them continuously
- Revise procedures, reports, etc. periodically to identify hidden risks or non-conformity issues
- Draft, modify and implement related company policies
- Assess the business’s future ventures to identify possible compliance risks
- Review the work of colleagues when necessary to identify compliance issues and provide advice or training
- Prepare reports for senior management and external regulatory bodies as appropriate
Desired Qualities and Skills:
- 5+ years working experience within Data Security & Compliance
- 3+ years experience managing Compliance activities as part of a company (not just in a consulting capacity) that includes managing people
- BS or MS in computer science or related field
- Expert understanding of SOC 1, SOC 2, GDPR, ISO 27001, CCPA regulations and frameworks
- Expert understanding of Cloud Controls and environments
- A strong foundation in IT solutions development and deployment
- Practical understanding of IT Security Compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment (AWS)
- Strong analytical, diagnostic, critical thinking and project management skills
- Excellent problem-solving, negotiation and decision-making skills
- Excellent written and oral communication skills
- Strong Engagement skills (Internal & External)
- Successful demonstrated experience managing and working with external auditors
- Successful demonstrated experience managing and working with internal cross-functional teams and product engineering groups
- Successful demonstrated experience communicating and reporting to Senior leadership
FloQast is a fast-growing, Los Angeles-based, growth-stage company redefining how a critical business process (financial close) is performed. Our growth and success are fueled by a passion to define and dominate the close management software market. We are the first company of our kind to focus specifically on the mid-market. Our prospects have been hungry for a solution like FloQast and the response has made FloQast among the fastest growing FinTech companies with now more than 750 customers, including Lyft, Zoom, Twilio and the Golden State Warriors.
- We are fanatics about the success of our customers. Check us out on G2 Crowd
- We are equally fanatic about creating and maintaining a fabulous culture of support and success for all employees.
- We are moving quickly and there is a huge upside opportunity in terms of career growth
- FloQast offers competitive compensation, stock options, full benefits, and a positive and supportive work environment
FloQast, Inc is committed to operating fair and unbiased recruitment procedures allowing all applicants an equal opportunity for employment, free from discrimination on the basis of religion, race, sex, age, sexual orientation, disability, color, ethnic or national origin, or any other classification as may be protected by applicable law. We aim to recruit the right people for the jobs we have to offer, and to assess applications on the basis of relevant skills, education, and experience. We welcome people of different backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and strive to provide a professional and welcoming workplace for all employees.