Onsite
Full Time
I'm Interested

Job Type

Full Time

Job Details

The Senior Cybersecurity Compliance Engineer is the customer-facing role of the Information Security team and is responsible for supporting customers and prospects with security questions for their due diligence

The Senior Cybersecurity Compliance Engineer will help improve processes, manage documentation libraries, and security-related deliverables for customers; contribute to the Workiva Platform security by identifying short-term and long-range customer needs to foster customer trust; and manage customer and prospect assessments and audits in line with regulatory compliance and industry standards

What You’ll Do

  • Foster Customer trust by managing and improving processes, and security related Customer deliverables

  • Educate Customers and Prospects on Workiva’s infrastructure and security framework; built upon the underlying NIST and ISO frameworks

  • Collaborate with internal stakeholders, including sales, product development, and legal team to address security related inquiries and concerns

  • Provide security information, recommendations and implement directives within other areas of Workiva

  • Identify and manage short-term and long-range issues and concerns of Customers to improve Workiva’s security and compliance

  • Prioritize and delegate the fulfillment of security requests from Customers and compliance areas; including questionnaires, RFPs and contract reviews

  • Mark up security related terms in contracts with Customers

  • Stay up to date on existing and upcoming security and privacy regulations/standards across the globe, specifically in the APAC region

  • Oversee the execution of security assessments for new technologies, third-party vendors, and acquisitions

  • Collaborate with stakeholders during the due diligence process to ensure that Prospects and Customers are provided with information that instills their trust in the Workiva Platform Serve as the face of security for Information Security

  • Influence and drive third-party risk management best practices for Workiva

  • Determine analytical methods for audits, assessments, and data gathering

  • Assess existing security controls, and provide consulting on industry best practices

  • Collaborate with stakeholders on best practices; improving skills and overcoming challenges

  • Mentor other team members on security

  • Manage multiple projects, while working with stakeholders

What You'll Need

  • Strong understanding of Cybersecurity frameworks, regulations, and standards (FedRAMP, NIST, ISO 27001, GDPR, SOC, etc.) and their application in business context

  • Strong planning and organizational skills; project management experience is a plus

  • Strong attention to detail and ability to prioritize multiple projects

  • Excellent verbal, written, and interpersonal communication skills

  • Ability to influence at all levels and in various departments

  • Ability to set priorities, meet deadlines, and manage multiple projects in a fast-paced, changing environment

  • Exceptionally strong personal integrity, and ability to professionally handle confidential matters while showing an appropriate level of good judgment and maturity

  • Possess strong technical acumen

Minimum Qualifications

  • Typically requires a minimum of 4 years of related experience with a Bachelor's degree; or 2 years and a Master's degree; or a PhD without experience

Preferred Qualifications

  • To manage clients based in Japan, fluency in spoken and written Japanese is preferred but not required

  • Security or compliance experience in a SaaS environment and/or heavily regulated environment

  • Knowledge of TPRM ( Third-Party Risk Management), SOX (Sarbanes-Oxley Act) Reporting

  • Knowledge of NIST Framework, ISO framework and GRC processes

  • Cloud Security Experience

  • Understanding of SOC 1 and 2

  • Experience with Loopio preferred

  • Background in both accounting and cybersecurity preferred

  • Prior knowledge and understanding of relevant legal and regulatory requirements, such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry/Data Security Standard (PCI DSS), SANS and ISO27001, FFIEC, MAS, DORA, GDPR, etc.

  • Prior knowledge and understanding of common information security management frameworks such as HITRUST, ISO, IEC27001, ITIL, COBIT

  • Regulatory audits a plus

  • Knowledge in Procurement and sourcing also desired

Where You’ll Work

Our values drive how we work and who we hire. You will see these values ingrained in how we support our customers, work with team members, build our products and in the work environment we’ve created.

We believe our people are our greatest asset, and our unique culture gives employees the opportunity to make an impact everyday. We give our employees the freedom and resources they need—backed by our culture of collaboration and diverse thought—to continue innovating and breaking new ground. We hire talented people with a wide range of skills and experiences who are eager to tackle some of today’s most challenging problems.

At Workiva, you’ll enjoy: 

  • Casual Dress: Workiva has a casual work environment, most people wear jeans to the office.

  • Involvement: Ability to participate in Business Employee Resource Groups (Black, Hispanic, Asian, Women, Rainbow (LGBTQIA+), Veterans, Disabilities), Volunteering, Company wide celebrations, and more

  • Work-life Balance: We have competitive PTO, VTO and Parental Leave. We encourage employees to spend time enjoying life outside of work.
     

Learn more about life at Workiva: https://www.linkedin.com/company/workiva/

Learn more about benefits: https://www.workiva.com/careers/benefits

Workiva is an Equal Employment Opportunity Employer.  We believe that great minds think differently.  We value diversity of backgrounds, beliefs, and interests, and we recognize diversity as an important source of intellectual thought, varied perspective, and innovation.  Employment decisions are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression genetic information, marital status, citizenship status or any other protected characteristic.  

Workiva is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email talentacquisition@workiva.com

#LI-A1
Mission
We're connecting diverse talent to big career moves. Meeting people who boost your career is hard - yet networking is key to growth and economic empowerment. We’re here to support you - within your current workplace or somewhere new. Upskill, join daily virtual events, apply to roles (it’s free!).
Are you hiring? Join our platform for diversifiying your team
Senior Cybersecurity Compliance Engineer
I'm Interested