Job Information
HashiCorp Sr. GRC Specialist, Customer Trust in United States
Sr. Compliance Specialist, Governance, Risk and Compliance (Customer Trust)
About the team
As part of the Security organization and within the Governance, Risk and Compliance (GRC) department, the Customer Trust team is the customer-facing side of the security program at HashiCorp. The team is responsible for telling our security, compliance and privacy story and building trust with our customers. Unlike GRC teams at other organizations where this is a shared responsibility, at HashiCorp we have a team dedicated to this function.
We are looking for an experienced analyst to join an already established Customer Trust team to help improve and grow the team and program. This role will contribute to HashiCorp primarily in the form of completing customer security assessments and audits of HashiCorp, working with the Legal team to negotiate security terms in contracts, meeting with customers directly to discuss HashiCorp’s security posture, and creating enablement material to make customers successful as it relates to security, compliance and privacy. Additionally, this role will help build these competencies in the rest of the team and develop the maturity and scale of the Customer Trust program.
In this role, you will:
Develop and contribute to quarterly and annual planning
Track execution against OKRs and the GRC roadmap
Develop, track, and report on Customer Trust metrics and KPIs
Meet directly with customers (pre- and post-sales) to discuss HashiCorp’s security, compliance and privacy programs and controls
Work with the Legal team to review and redline customer contracts for security, compliance and privacy terms
Complete customer security questionnaires and RFPs
Oversee customer audits of HashiCorp, which may include occasional onsite audits
Work with Sales and Legal to identify what the security, compliance and privacy barriers are for our customers, and work across HashiCorp to solve for them
Develop content and documentation on how HashiCorp products and services can be used to meet compliance requirements for customers and internal teams
Provide guidance and recommendations to internal teams (such as product management, GTM, sales, and engineering) about the security, compliance, and privacy needs of our customers as new products are being created and launched
Work closely with the GRC Compliance team to ensure SOC 2, ISO and PCI reporting and the HashiCorp control and policy frameworks are meeting the assurance expectations of HashiCorp customers
Create and maintain documentation about the security, compliance and privacy programs at HashiCorp, as well as for the team’s processes and procedures
Assist with other GRC activities as needed, including external security audits and other tasks as required
Must-Have Qualifications
5+ years of experience in one or more areas of security, with at least three in GRC
Strong understanding of cloud, preferably AWS
Experience working directly with customers in the Global 2000
Deep understanding and hands-on experience with the security side of pre- and post-sales (customer security assessments, onsite audits, contract negotiations, etc.)
Significant previous experience with one or more of SOC 2, PCI, or ISO 27001
Excellent written and verbal communication
Ability to prioritize and track multiple projects in parallel
Highly responsive, with a customer-first mindset
Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
Desired Qualifications
Previous experience at a technology or SaaS company in a similar role
Experience with automation or tooling in support of completing security questionnaires or other Customer Trust processes
The base pay range for this role in the SF Bay Area / NYC area is:
$182,800—$215,000 USD
The base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is:
$167,500—$197,100 USD
The base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is:
$152,300—$179,200 USD