Security Compliance Manager
3 weeks ago
Job type: Full-time
Hiring from: Multiple locations
Category: DevOps / Sysadmin
Armory is defining the future of DevOps in the enterprise by simplifying the governance requirements for complex organizations using Kubernetes.
We are looking for a *Security Compliance Manager* to guide our compliance initiatives, interface with customers, and partner with internal teams to execute on our security objectives. This role will involve hands-on work to create self-service processes, introduce new tools and automation to support those processes, and ensure that our company policies are accurate and continuously aligned with what the Armory crew can support.
In this role, you will work closely with other departments to implement the security controls established by our CISO and internal Security Council. As a member of our Security Council, you will also be responsible for engaging in customer-facing discussions regarding our security posture, as well as advocating for compliance initiatives which simultaneously elevate our security posture and enable strategic Go To Market efforts.
What You’ll Deliver
- Excellent communication skills and empathy towards customers and colleagues alike
- Strong knowledge of compliance and security at core cloud providers like AWS and GCP
- Experience with compliance certifications such as SOC 2, ISO 27001 and FedRamp
- Creativity to increase compliance requirements while minimally impacting productivity
- Thoughtful attention to right-sizing processes through self-service and automation
What You’ll Do
- Lead initiatives to achieve and maintain new industry compliance certifications
- Distill large and complex projects into manageable and measurable action items
- Monitor and report on compliance with security policies and established controls
- Develop simplified audit and attestation processes to streamline the audit process
- Implement tooling and automation to support our compliance and security strategies
- Review and respond to security assessment questionnaires from Armory customers
- Advocate for the needs of our customers to define our compliance roadmap
- Participate in Security Council, incident response, and operations activities
- Minimum 4 - 5 years of experience working in a relevant security role
- 2+ years of experience implementing effective compliance programs
- Comfortable working with remote and distributed teams and systems
- Familiar with the challenges of fast-paced startups with security needs
- You are a self-starter and thrive with autonomy and independence
Nice to Haves
- Industry certifications
- Conference presentations
- Open source contributions
At Armory, our concept of diversity is broad. We understand that diversity comes in many forms and includes age, socioeconomic status, educational background, ethnic identity and national origin, marital and familial status, gender expression and identity, transgender status, disability status, religious affiliation, sex and sexual orientation, veteran status, neurodivergence, and mental health status. As we build a company that is both diverse and inclusive, we are also working on the way we communicate. There are challenges, stumbling blocks, and failings, but we are committed to learning and improving to make Armory a welcoming company.
This is a blog post from Armory’s CEO sharing his perspective of being an accomplice and not just an ally: https://drodio.com/be-a-diversity-and-inclusion-accomplice-not-just-ally/
Armory is a Series C startup backed by B-Capital, Insight, Crosslink Capital, Y Combinator (W17), Bain Capital, and Javelin Venture Partners based in San Mateo, CA. We believe software is the highest leverage way to improve humanity. So, we are building a platform that unlocks collaboration between your Dev, Sec, and Ops teams and tools, from Code to Cloud. Built on Spinnaker, our Policy-Driven Deployments enable you to innovate with speed & safety. Our platform automates software delivery to make engineers happy and productive.
Before you apply, please check if any restrictions apply in terms of time zone or country.
This job has a geo-restriction in place: Multiple locations .
Please mention that you come from Remotive when applying for this job.
Does this job need an edit? 🙈