Information Security Compliance Manager

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications.

We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas. We believe in working together to achieve our goals, and we pride ourselves on a flexible work culture. We’re an international company that understands how to cultivate an inclusive environment across remote teams.

And we're a great place to work too - we've been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness. 

We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you?

• You will report to the Head of Security & Compliance. This is an individual contributor role with no direct reports
• Work with our 3PAO, Government Accreditors, Sales Team , and Accreditors to communicate our compliance position and program
• Manage detailed testing of controls to ensure risks are identified, associated audit procedures are applied, related controls are designed and operating, and mitigate the identified risks.
• Ensure execution of required testing and auditing activities for IT by internal and external parties leading to successful certification of the company on an ongoing basis
• Manage IT process and control documentation for SOX (ITGC, risk control matrix, process flowcharts, controls testing procedures) and support regulatory requirements for Systems
• Participate in the full delivery of cyber risk and security engagements serving multiple clients across different industries
• Conduct information security risk assessments, including risk/issue intake/identification, evaluation and treatment plan preparation and tracking.
• Information Security and Compliance Frameworks and regulatory standards and requirements (i.e., ISO, SOC2, FedRAMP, GDPR).
• Engage with regulators and provide walkthroughs of testing and validation work performed.
• Improve existing processes and develop efficient solutions

• 8 plus years of experience relevant work experience in IT Compliance
• Experience with SOX and ITGC and application control concepts
• Knowledge of procedures related to SOC 1/2, GDPR, FedRAMP,ISO 27001, ISO27701, SOX, PCI
• Familiarity and experience with cloud computing and the acronyms that come with it - Amazon Web Services (AWS), Google Cloud Platform (GCP), SaaS, IaaS, PaaS.
• Experience with GRC (Governance, Risk, Compliance) and ITSM (IT Service Management) desired.
• Knowledge of ITSM and IT Change Control Processes CISA, CIA, CISSP or other related certifications a plus

• A “can do” attitude.
• Ability to pivot quickly when needed, and enjoy building processes that scale a growing business
• Comfortable collaborating within a dynamic, fast-paced, rapid-growth environment.
• Independent who operates with a strong sense of ownership for projects and results, excellent business judgment.

• 401(k) Retirement Savings Plan
• Maternity and Parental Leave
• Mental health support for you and your family through the Modern Health app
• Great compensation package and flexible working arrangements
• Development opportunities

The U.S. annual on target earnings (OTE) range for this full-time position is between 131,000 and 180,400 USD/year. Actual offers may be higher or lower than this range based on a variety of factors, including your work location, job-related experience and education.

We would love for you to join us! Please reach out even if your experience doesn’t perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different.

Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status.

#LI- SM3

#LI-Hybrid