Remote, United States
Req ID: JR103195

Sr. GRC Specialist, Customer Trust

Sr. Compliance Specialist, Governance, Risk and Compliance (Customer Trust)

About the team

As part of the Security organization and within the Governance, Risk and Compliance (GRC) department, the Customer Trust team is the customer-facing side of the security program at HashiCorp. The team is responsible for telling our security, compliance and privacy story and building trust with our customers. Unlike GRC teams at other organizations where this is a shared responsibility, at HashiCorp we have a team dedicated to this function.

We are looking for an experienced analyst to join an already established Customer Trust team to help improve and grow the team and program. This role will contribute to HashiCorp primarily in the form of completing customer security assessments and audits of HashiCorp, working with the Legal team to negotiate security terms in contracts, meeting with customers directly to discuss HashiCorp’s security posture, and creating enablement material to make customers successful as it relates to security, compliance and privacy. Additionally, this role will help build these competencies in the rest of the team and develop the maturity and scale of the Customer Trust program.

In this role, you will:

  • Develop and contribute to quarterly and annual planning
  • Track execution against OKRs and the GRC roadmap
  • Develop, track, and report on Customer Trust metrics and KPIs
  • Meet directly with customers (pre- and post-sales) to discuss HashiCorp’s security, compliance and privacy programs and controls
  • Work with the Legal team to review and redline customer contracts for security, compliance and privacy terms
  • Complete customer security questionnaires and RFPs
  • Oversee customer audits of HashiCorp, which may include occasional onsite audits
  • Work with Sales and Legal to identify what the security, compliance and privacy barriers are for our customers, and work across HashiCorp to solve for them
  • Develop content and documentation on how HashiCorp products and services can be used to meet compliance requirements for customers and internal teams
  • Provide guidance and recommendations to internal teams (such as product management, GTM, sales, and engineering) as new products are being created and launched about the security, compliance, and privacy needs of our customers
  • Work closely with the GRC Compliance team to ensure SOC 2, ISO and PCI reporting and the HashiCorp control and policy frameworks are meeting the assurance expectations of HashiCorp customers
  • Create and maintain documentation about the security, compliance and privacy programs at HashiCorp, as well as for the team’s processes and procedures
  • Assist with other GRC activities as needed, including external security audits and other tasks as required

Must-Have Qualifications

  • 5+ years of experience in one or more areas of security, with at least three in GRC
  • Strong understanding of cloud, preferably AWS
  • Experience working directly with customers in the Global 2000
  • Deep understanding and hands-on experience with the security side of pre- and post-sales (customer security assessments, onsite audits, contract negotiations, etc.)
  • Significant previous experience with one or more of SOC 2, PCI, or ISO 27001
  • Excellent written and verbal communication
  • Ability to prioritize and track multiple projects in parallel
  • Highly responsive, with a customer-first mindset
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)

Desired Qualifications

  • Previous experience at a technology or SaaS company in a similar role
  • Experience with automation or tooling in support of completing security questionnaires or other Customer Trust processes

The base pay range for this role in the SF Bay Area / NYC area is:
$182,800 - $215,000 USD
The base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is:
$167,500 - $197,100 USD
The base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is:
$152,300 - $179,200 USD

ALERT: HashiCorp has received reports of scams where individuals purporting to represent HashiCorp conduct bogus “employment interviews” via email or text, and then request payment as a condition for receiving an offer of employment. HashiCorp and its subsidiaries do not conduct interviews by email or text, and will never request payment as a condition for applying for a position or receiving an offer of employment. These scam operators may also ask for your personal information (name, address, birthdate, social security number, etc.), which you should not provide to them. If you have been the target of such a scam, you should report it to the U.S. Federal Trade Commission (see this FTC posting for further details: https://www.consumer.ftc.gov/articles/job-scams), the office of your state Attorney General, or the government agency responsible for investigating matters such as this where you reside.

Life at HashiCorp

HashiCorp is driven by our people and our principles which have been the foundation of everything we do since the company was founded in 2012. Join us on our journey as we work to support the world's most innovative companies as they transition to cloud and multi-cloud infrastructure through simple yet powerful workflows and automation.

About HashiCorp

At HashiCorp, we build the infrastructure that enables innovation. Our suite of multi-cloud infrastructure automation products is the underpinning of the largest enterprises in the world, which rely on our solutions to provision, secure, connect, and run their critical applications to deliver crucial services, communications tools, and entertainment platforms to the world. We're building a once-in-a-generation infrastructure company with a unique approach: rather than focusing on specific technologies, we build products and solutions that support real-world workflows spanning the multiple cloud environments that nearly every organization worldwide is using today.

HashiCorp is proud to be an Equal Employment Opportunity employer. We are committed to providing equal employment opportunities to qualified applicants and do not discriminate on the basis of race, color, ancestry, religion, sex, pregnancy, gender, gender identity, gender expression, sexual orientation, national origin, age, marital status, genetic information, disability, protected veteran status or any other characteristic protected by federal, state, or local laws. We also consider qualified applicants with arrest and conviction records consistent with the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Ordinance, and other applicable state or local laws.

HashiCorp is committed to providing reasonable accommodations to qualified individuals with disabilities in our job application procedures. If you need assistance or an accommodation due to a disability, please reach out to benefits@hashicorp.com.

We comply with all laws and regulations set forth in the following posters:

Know Your Rights: Workplace Discrimination is Illegal

EEO is the Law Supplement

Pay Transparency Non-Discrimination

Benefits at HashiCorp

Note: some benefits may differ from one country to another.