Compliance Manager

Main Location
United States
What Zapier, Inc. Has to Offer:

Zapier is transparent and honest. From instituting a diversity and inclusion "change log" to saying things like this on their benefits page: "we don't use remote as an excuse to pay less".

We also love that Zapier is a fully remote hiring partner on PowerToFly who can teach us about how to manage large teams that work-from-home. Oh and we're also Zapier users at PowerToFly. We love how they make us more efficient by connecting our apps to automate tasks!

Hi there!

We're looking for an experienced Compliance Program Manager to join our Core Security team at Zapier. Zapier’s on a mission to make everyone more productive at work. Over 5 million professionals already use Zapier to save more time, but there are millions more to reach. We believe in compliance through security instead of a check-the-box approach. If we're taking an attitude of doing the right things for security, we are going to be compliant as a side-effect.

We're looking for you to apply your process streamlining, control implementing and risk management skills to guide our teams in tightening controls needed to meet and keep our SOC2 Type2 compliance. We're also looking for help with security audit requests from our customers and partners as well as gathering and maintaining evidence for compliance. You will also build our risk management matrix and track exceptions.

If you want to make your mark by owning and leading the Compliance and Risk program at a fast-growing and profitable startup, then read on…

To help share a bit more about life at Zapier, here are a few resources:

Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.


About You

You’re a skilled Compliance Engineer, Analyst, or Manager. You have 3+ years of experience working in GRC.

You’re an excellent planner. You have managed complex Compliance and Security Risk projects with minimal guidance, to include planning, scheduling, and delivering of reports and other documentation. 

You’re creative and resourceful. Frameworks are purposely vague - they have to be one-size-fits-all, but you are able to apply and translate them to a SaaS company, like Zapier. You always look for solutions that are built into systems to fulfil requirements instead of creating manual labor (e.g. enforced git reviews and automated testing before a pull request vs. a manual approval). Automation is your go-to when solving control requirements.

You believe relationships are critical to success. You have participated in compliance reviews, internal and external audits, and assisted internal or external auditors. You thrive in understanding current processes to see how they fulfill requirements instead of pushing controls first. You've successfully partnered with groups like partnerships and customer support to address security-related inquiries.

You’re solid at time management. You can juggle a variety of fast-moving communications projects and be trusted to work with minimal supervision. You’re keen to build processes that will make your job more efficient over time. 

You are a skilled written communicator. Zapier is a 100% remote team and being able to communicate well is critical. Chat and video are our primary means of communication. You can communicate unfamiliar topics clearly and in an approachable way to both technical and non-technical staff, including senior management.


Things You Might Do

Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:

  • Own huge parts of our Security strategy and be responsible for building up the Compliance and Risk program.
  • Manage our SSAE 16/18 (SOC2) compliance and guide our teams to implement the right controls.
  • Perform internal evidence reviews to make sure we're following the compliance requirements.
  • Maintain a Risk Assessment matrix and handle risk exceptions.
  • Work with our Partnership and Support teams to assist on customer and partner inquiries.
  • Provide help and guidance on GDPR and CCPA control implementations.
  • Research and blog internally and externally about the latest information compliance and risk management trends.
  • Develop security policies and procedures.
  • As a part of our All Hands Support initiative, help customers have the best possible experience with Zapier.


About Zapier

For the past nine years, Zapier has been helping people across the world automate the boring and tedious parts of their job. We do that by helping everyone connect the web applications they already use and love.

We believe that there are jobs a computer is best at doing and that there are jobs a human is best at doing. We want to empower businesses to create processes and systems that let computers do what they are best at doing and let humans do what they are best at doing.

We believe that with the right tools, you can have big impact with less hassle.

We believe in small teams. Small teams are fast and nimble. Small teams mean less bureaucracy and less management and more getting things done.

We believe in a safe, welcoming, and inclusive environment. All teammates at Zapier agree to a code of conduct.


The Whole Package

We're currently hiring for the following locations:

  • US 
  • Canada


  • Competitive salary (we don't use remote as an excuse to pay less)
  • Great healthcare + dental + vision coverage*
  • Retirement plan with 4% company match*
  • Profit sharing
  • 2 annual company retreats to awesome places
  • 14 weeks paid leave for new parents of biological or adopted children
  • Pick your own equipment. We'll set you up with whatever Apple laptop + monitor combo you want plus any software you need.
  • Unlimited vacation policy. Plus we require you to take at least 2 weeks off each year. We see most employees take 4-5 weeks off per year. This isn't a vague policy where unlimited vacation means no vacation.
  • Work with awesome companies around the world. We partner with great software companies all over the world and you'll constantly get to interact with people from these great companies

*While we take care of our international folks as best we can, currently, healthcare and retirement plans are only available to US, Canada, and UK based employees.


How To Apply

We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate.

After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.

Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people no matter their race, color, gender, sexual orientation, religion, national origin, physical or mental disability, or age. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.
