Senior Compliance Specialist in Zuora

FULL_TIME

  Remote (Costa Rica) | Senior | Full time | SysAdmin / DevOps / QA

Gross Salary $4000 - 6000 USD/month

1 applications
Last checked yesterday
Apply now Quick apply
Requires applying in English

Our Information Technology (IT) team is Zuora’s internal engineering organization, responsible for creating technology experiences that connect our teams, drive business alignment and build a stronger, more collaborative work “place.” With a cloud-first approach, we empower our global ZEOs with increased productivity and self-service to enable company growth, scale, and flexibility while hardening our security and compliance posture. Zuora is looking for a Senior Security Engineer with expertise in Application Security and DevSecOps to join our application security & security engineering team.

Job functions

The role of a Compliance Engineer is to work with our Trust and Compliance team to:

  • Drive security compliance efforts from the beginning to the end by maintaining a positive relationship with both internal and external stakeholders
  • Maintain compliance documentation, including audit evidence, controls, and vendor security reviews
  • Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks (PCI, SOC, ISO 27XXX, HIPAA, GDPR, etc)
  • Monitor the performance of the compliance program through the development of and maintenance of automated systems.
  • Work with cross-functional teams to identify risks and gaps in our compliance controls and facilitate remediation across our products and infrastructure.
  • Assist with completing security questionnaires from customers and answering customer questions with respect to compliance; work with the internals team to create customer collateral to educate internal staff and aid in the sales process
  • Assist with requesting/reviewing security questionnaires/contracts from vendors and identify security risks and gaps in the compliance controls to aid in the procurement process
  • Develop automation of risk management, control execution, and monitoring

Qualifications and requirements

  • 3+ years of experience with a demonstrated track record of success in GRC, internal audit, security, and/or privacy space.
  • Knowledge of various compliance frameworks (PCI, SOC2, ISO 27001, ISO 27018, HIPAA, GDPR, etc.)
  • Strong experience with any scripting languages like Ruby, Python, Unix shell, bash, etc.
  • Functional knowledge of multiple security domains and information security industry standards and best practices
  • Experience leading 3rd party risk management programs, including responding to customer security questionnaires, interacting directly with customer sales and security teams, and reviewing vendor security
  • Solid experience managing compliance initiatives for cloud platforms and interacting with external auditors
  • Strong project management skills
  • Strong written and verbal communication skills

Desirable skills

  • A mix of experiences at a Big Four (or similar) audit or consulting firm and at an in-house governance, risk, and compliance function at a SaaS company
  • Industry-recognized certification in security ISO 27001 LA / LI D desire to pursue CISSP, CISA, CISM, CCSK, etc. in 6 months.
  • Experience working in an international/global organization

Conditions

Flexible hours Flexible schedule and freedom for attending family needs or personal errands.
Health coverage Zuora pays or copays health insurance for employees.
Computer provided Zuora provides a computer for your work.
Informal dress code No dress code is enforced.
Beverages and snacks Zuora offers beverages and snacks for free consumption.

Remote work policy

Locally remote only

Position is 100% remote, but candidates must reside in Costa Rica.

About Zuora

Transform the way the world does business. Join our global team in the relentless pursuit of transforming the world’s largest companies into subscription businesses. We’re building our company for the long-term—what matters to you, matters to us. — Zuora's full profile

Senior Compliance Specialist
Zuora •   Remote (Costa Rica)
Apply Quick apply
Requires applying in English