CloudFlare Senior Compliance Specialist in San Francisco, California
Senior Compliance Specialist - San Francisco
At CloudFlare, we have our eyes set on an ambitious goal -- to build a better, more secure web. We believe that with our talented team, smart technology and engaged users we can solve some of the biggest problems on the web. We already serve more web traffic than Twitter, Bing, Wikipedia, Amazon, Apple and Instagram combined. Anytime we push a line of code, it affects over 200 million web surfers overnight. We are still a small team, well-funded, growing quickly and focused on building a world-class company.
We are looking to hire a compliance specialist to help build out our San Francisco based compliance team. This role will be responsible for managing a wide range of compliance operational matters supporting CloudFlare’s growing business.
In CloudFlare compliance is seen as an extremely important business function. Not only is it an in incredibly important tool to give our customers confidence in our products, but it is also the pathway to a well tuned, functional Information Security management system and program. We do not believe in tick-box security, for us compliance is a pathway to doing things right. For this reason we are extremely careful about which programs we commit to and how we integrate them into the business.
This will be a chance to work on real security problems in a Billion dollar business. We guarantee that you won’t get bored.We are the most attacked company on the internet, for good reason. So it should come as no surprise why we need someone who thinks like a hacker too.
• Own one of CloudFlare’s major compliance programs from top to bottom. • Establish, implement and work to improve appropriate compliance processes (including compliance monitoring) • Work with external auditors to achieve compliance within agreed timeframes • Work with Internal teams to achieve and report annually on compliance • Work to constantly improve our compliance position and status • Work to integrate lessons from compliance into the business’s security program • Work as part of the Information Security team on constantly improving security • Advise on all international regulatory and compliance matters • Work with the Sales and product teams on compliance/regulatory matters • Have input into the overall compliance strategy • Help guide our overall security policy and architecture • Drive security awareness and compliance across the business
• Experience with working on major compliance programs in a large company: should have seen at least one program initiative through from start to finish. • Familiarity with several of HIPAA, SSAE16 SOC 2, PCI DSS, PA DSS, ISO 27001 & 27002, ISO 27017 & 27018, FedRAMP, NIST 800-XX Frameworks, SOX • Intimate knowledge of at least one of the programs listed above • Strong technical background • Strong Infosec experience - CISSP, CISM, CCNA, CCNP a big plus • Security and Risk Management experience - CISA, CRISC, CISM a plus • Solid Project Management Experience • Ability to work cross-functionally with internal stakeholders • Ability to work efficiently and independently in a fast-paced, high-volume environment. • Some people management experience • Comfortable working with data and data visualisation • Strong communication skills
We offer competitive salaries, equity, fantastic health benefits plan, a new laptop, monthly CalTrain / BART pass for commuters and the opportunity to work with a smart, motivated team where you will see your contribution daily. A chance to travel the world, speaking at the best of the best security conferences. Our sunny offices are based in SOMA in San Francisco, CA.
Most importantly, a chance to be part of a highly motivated extremely fast paced team at the front-lines of infosec.
Sound like somewhere you'd thrive? We'd love to hear from you. Submit your resume and a short paragraph to introduce yourself.
CloudFlare is a security company. All prospective employees will be subject to an extensive background check.
CloudFlare is an equal opportunity employer and does not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.