Dialpad is hiring a Remote Evergreen Head of Security and Compliance
\nAbout The Role\n\nDialpad is looking for a strategic and experienced Director to head our Security and Compliance aka Trust team. The individual will lead efforts in the areas of corporate security, product security, infrastructure security, standards compliance, and risk management. An ideal candidate is someone who has strong knowledge and experience in leading implementations of security technologies, policies, and procedures within a corporate security environment, and can work with engineers to secure web applications, cloud infrastructure and on-prem infrastructure. As a leader in the organization you will be working across various operational and business teams such as Legal, Sales, IT, Support and Engineering in implementing and maintaining a comprehensive security and compliance program to protect our organization's data, systems, and assets while ensuring adherence to relevant regulations and industry standards. The role will report to the SVP of Engineering.\n\nKey Responsibilities\n\n\n* Lead the security and compliance team including GRC Analysts and Security Engineers, to foster a culture of security awareness and partnership across the organization. \n\n* Integrate security and compliance measures in the product development and deployment processes.\n\n* Build and maintain effective security controls across the organization which meet industry standards such as SOC2, ISO 27001, ISO 27017, 27018, PCI HIPAA, GDPR, etc. \n\n* Plan and coordinate with executive staff across disciplines to achieve compliance with additional standards and to make adjustments as required by existing standards.\n\n* Report regularly to executive staff and board leadership on control maturity, gaps and risks. \n\n* Lead incident response efforts across the organization for incidents associated with confidentiality and security. \n\n* Ensure the company stays up to date with modern security practices, attack vectors, industry trends, defensive tools and regulatory changes.\n\n\n\n\nKey Skills\n\n\n* At least 8 years of leadership experience in security and compliance.\n\n* At least 4 years of experience in direct people management of individuals working within security, engineering, or IT.\n\n* Familiarity with quantifiable risk assessment methodologies and maturity models.\n\n* Experience implementing and monitoring security and privacy controls within an agile software company. Building automation frameworks for implementation and monitoring of controls across multiple systems. \n\n* Experience with AICPA Trust Service Principles for SOC2, Cloud Security Alliances Common Controls Matrix, and ISO 27001, 27017, and 27018. objectives.\n\n* Excellent organizational and communication skills to prioritize tasks based on risk levels and communicate with different parts of the organization on the business impact of risks.\n\n* Working with remote teams across global time zones.\n\n\n\n\n Nice to have\n\n\n* Bachelors in Information Security, Information Systems, Computer Engineering or related field.\n\n* Advanced degree or relevant certifications such as CISSP, CISM, CISA, etc.\n\n* Experience with Google Cloud Platform for technical controls implementation and monitoring\n\n* Experience with PCI or FedRAMP Compliance\n\n* Experience within an IT Audit or Advisory role\n\n\n\n\nDialpad benefits and perks\n\nCulture\n\nWeโve been named a Top Workplace seven times, and a big part of this is because of our collaborative culture that elevates our teammates, celebrates wins, and brings together passion and talent. \n\nCompensation and equity \n\nTeamwork makes the dream work, and Dialpad offers competitive salaries in addition to stock options because each and every Dialer participates in our success.\n\nBenefits, time-off, and wellness \n\nAn apple a day keeps the doctor awayโand it doesnโt hurt that we offer flexible time off and great options for medical, dental, and vision plans for all employees. Along with that, employees also receive a monthly stipend to help cover your cell phone bill, home internet bill, home office equipment, gym membership costs, a variety of wellness events, and more!\n\nContinuing education\n\nDialpad offers a yearly stipend for continued learning and education expenses. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Education and Cloud jobs that are similar:\n\n
$70,000 — $100,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nSan Ramon, California, United States
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.