Information Security Compliance Manager - remote

FingerprintJS
Posted 2 years ago
FingerprintJS empowers developers to stop online fraud at the source.

We work on turning radical new ideas in the fraud detection space into reality. Our products are developer-focused and our clients range from solo developers to publicly traded companies. Some of our customers include: Coinbase, Booking.com, Yahoo, and eBay just to name a few.

We are a globally dispersed, 100% remote company with a strong open-source focus. Our flagship open source project is FingerprintJS (16K stars on GitHub).

We have raised $44M and are backed by Craft Ventures (previously invested in TeslaFacebookAirbnb), Nexus VP (previously invested in PostmanHasura) and Uncorrelated Ventures (previously invested in Redis, Rollbar &Gradle).


Team:
Tech
Reports to: CTO
Location: remote, anywhere in UTC-8 to UTC+3
Start date: as soon as possible

We are looking for a passionate and self-driven Information SecurityCompliance Manager to join us! In this role, you will be responsible for managing and handling security and data privacy and ensuring the company is in compliance with SOC, ISO, GDPR and any other relevant regulations. The initial focus will be on maintaining SOC (Type I and Type II) processes and then expanding to additional standards over time.


What you will do:
  • All activities necessary for planning, preparing, and monitoring for continued compliance with SOC (Type I and Type II) assessment, ISO (27001 and 27002), MDM (mobile device management) for audit purposes and GDPR/CCPA for privacy regulations.
  • Maintain foundational principles of AWS Cloud Security and Compliance. 
  • Evaluate the existing data protection framework and identify areas of non or partial compliance and rectify any issues.
  • Act as the primary point of contact within the organization for members of staff, regulators, and any relevant public bodies on issues related to data protection and compliance.
  • Provide expert advice and educate employees on important data compliance requirements.
  • Promote a culture of data protection compliance across all units of the organization.

Ideally, we are looking for someone who has:
  • Bachelor’s degree in Computer Science, security, compliance, or related field.
  • Minimum of 1+ years experience working in security compliance, data protection, or a related field.
  • Good understanding of Cloud Security and remote work best practices.
  • Strong understanding of security frameworks and standards for SOC, GDPR/CCPA, ISO and other relevant regulations.
  • Experience producing, gathering, and documenting Information Security and Privacy control information for audit purposes.
  • Strong understanding of the data security principles needed to implement security controls and oversee data security practices.
  • Strong project management skills.
  • Ability to manage sensitive and confidential information.
  • Excellent verbal and written communication skills, with strong attention to detail.

Our core values:
  • No BS. We are radically transparent, open, and direct. We say what we mean and we mean what we say.
  • Fail. Learn. Grow. We aren't afraid to make big bets and learn from our mistakes in search of innovation.
  • Don’t take yourself too seriously. We aim to be informal and authentic in our working lives. We meet challenges with humor and humility.
  • Be level 5 helpful. We take as much initiative as possible when we support others and when we ask for help. (https://medium.com/helpful-com/how-to-be-an-effective-early-stage-employee-hint-be-helpful-e681b456a01f)
  • We are Global. We are a multicultural organization that values diversity in perspectives and backgrounds. We work wherever and whenever we’re happiest, and look for talent all across the globe.

  • What we offer:
    • Compensation: a competitive compensation package plus startup equity.
    • Unlimited time off: work-life balance is important to us and we recognize everybody is different when it comes to taking time off. We offer a flexible vacation policy so you can take the time off that you need. 
    • Remote-first and globally distributed: a 100% remote-first, asynchronous environment that respects time-zone differences. We have team members in the US, Canada, Argentina, Poland, Turkey, Russia, just to name a few. You choose where you do your work best!
    • Tech: company provided Macbook for our employees (you get to keep it after 3 years).
    • Culture: small team, lean hierarchy and no politics. Ability to influence and quickly grow within the company.
    • Fun: We also do fun virtual events for our team and will be planning a team offsite soon!
    • Professional development: we want you to grow with us, so we offer a $600 yearly budget that you can spend to learn new stuff (books, conferences, subscriptions, etc.)!
    • Personal development: freedom to grow and experiment. Work on open-source projects and try new things and ideas!
    • Opportunity to work and connect with a world-class team from around the globe!

    Offers vary depending on, but not limited to, relevant experience, education, certifications/licenses, skills, training, and market conditions.

    We are dedicated to creating an inclusive work environment for everyone. We embrace and celebrate the unique experiences, perspectives and cultural backgrounds that each employee brings to our workplace. FingerprintJS strives to foster an environment where our employees feel respected, valued and empowered, and our team members are at the forefront in helping us promote and sustain an inclusive workplace. We highly encourage people from underrepresented groups in tech to apply.