Sr. Compliance Specialist, Governance, Risk and Compliance

HashiCorp
San Francisco, CA | Full Time
POSTED ON 2/12/2025
AVAILABLE BEFORE 5/4/2025

About the team

HashiCorp has a dedicated Compliance team that supports HashiCorp's compliance attestations and certifications, as well as policy and governance. The Compliance team plays a critical role in ensuring that the organization adheres to policies, requirements and contractual commitments. This team is responsible for implementing and maintaining compliance frameworks, supporting external audits, and reviewing and refreshing policies, among many other key compliance activities. The Compliance team works closely with many teams within HashiCorp, such as R&D, IT, and members of the other Security teams.

What you'll do (responsibilities)

  • Help oversee and mentor existing compliance analyst(s)
  • Work with external auditors and control owners on SOC 2 and ISO 27001 / 17 / 18, including:
  • Ensure contracting is in place with the external auditor to conduct attestations / certifications on an annual basis

  • Confirm scope of SOC 2 and ISO audits
  • Prepare the ISO scope documentation and Statement of Applicability (SOA)
  • Develop project plan including key milestones and timelines, working with HashiCorp's auditor
  • Identify and confirm control owners before the audit begins
  • Prepare control owners for external assessments
  • Prepare internal communications, including weekly status updates that outline the status of the program, potential risks and call-to-action items
  • Host walkthroughs and prepare and / or review walkthrough agendas
  • Perform the final review of evidence that is gathered by control owners before submitting to the auditors
  • Monitor and track control exceptions, if applicable, and help teams create remediation plans for gaps / audit findings
  • Develop the system description, working with the relevant control owners for input
  • Prepare and facilitate regular management reviews as part of ISO 27001
  • Provide program oversight of the annual ISO Internal Audit
  • Maintain and document the scope / boundaries of the compliance program (cloud accounts, repositories, GitHub teams, etc.), including updates, removals and additions
  • Identify and propose improvements to the Security Policy and participate in the annual Security Policy review
  • Support requests received for Security Policy exceptions, including following up on approved exceptions as they expire
  • Maintain documentation such as HashiCorp's Common Control Framework (CCF), including developing new controls and ensuring the completeness and accuracy of the information, including framework mappings
  • Work with control owners to identify opportunities for automating manual processes and controls
  • Develop, maintain and deliver control owner enablement training
  • Provide input on program metrics and collect and report on metrics data
  • Support other GRC tasks as required

What you'll need (basic qualifications)

  • Minimum of 8 years of related professional compliance and controls program experience
  • Previous experience in a cloud environment, preferably AWS and / or Azure
  • Advanced-level knowledge of either SOC 2 or ISO 27001
  • Experience leading internal and / or external audits, working as the liaison between auditors and the business
  • Comfortable working with both deeply technical and non-technical resources
  • Flexible in daily hours (e.g. willingness to work longer hours during end-of-quarter and peak periods, and during audits)
  • Highly responsive
  • Ability to prioritize and track multiple projects and tasks in parallel

What's nice to have (preferred qualifications)

  • Experience working in a large, multi-cloud environment
  • Deep understanding of common security compliance frameworks, attestations and certifications
  • Previous experience at a technology or SaaS company in a similar role
  • Experience working with OSCAL

Individual pay within the range will be determined based on job-related factors such as skills, experience, and education or training.

The base pay range for this role in the SF Bay Area / NYC area is:

$182,800 - $215,000 USD

The base pay range for this role in California (excluding SF Bay Area), New York (excluding NYC), Seattle Metro, Denver / Boulder Metro, Washington D.C., or Maryland is:

$167,500 - $197,100 USD

The base pay range for this role in Colorado (excluding Denver / Boulder Metro), Illinois, Minnesota, or Washington (excluding Seattle Metro) is:

$152,300 - $179,200 USD

Salary: $152,300 - $179,200