Lead Security Compliance Analyst, EMEA
Iterable
- London
- Permanent
- Full-time
- Lead and manage the EMEA Customer Trust program, ultimately ensuring our customers and prospects have the materials and answers they need to make informed decisions about Iterable's security posture
- Problem-solve, devise solutions, and present actionable improvements in how security engages with our external customers and prospects and with internal stakeholders
- Join customer and prospect calls to assist the sales team when speaking about Iterable's security posture
- Be the bridge between Sales, Customer Success, Privacy, Legal and our Security teams in gathering responses for customer and prospect RFP/RFIs
- Project manage cross-functional Trust efforts, including training and Sales enablement
- Manage or produce security and privacy collateral to assist our Sales and Customer Support teams in their discussions with customers and prospects on security-related matters
- Manage RFP/RFIs that require a heavy security or privacy focus
- Review security terms and conditions on both customer and vendor contracts to ensure our commitments and security practices align
- Manage incoming compliance questions via our compliance alias for all security- and privacy-related inquiries
- Provide backup and assistance across GRC functions as needed (example: third-party risk evaluations, audit evidence gathering)
- Assist when necessary with compliance activities such as compliance risk assessments and compliance reports
- Ability and willingness to cross-train across multiple functions (vendor risk management and compliance and privacy operations) to provide backup to the team
- Prior experience partnering with Engineering, Legal, Customer Success and Sales organizations
- Customer service mindset
- Working knowledge of industry standard compliance frameworks (ISO, NIST, PCI, SOC2, etc.)
- Working knowledge of risk assessment fundamentals (impact analysis, residual risk analysis, mitigation strategies, etc.)
- Experience reviewing contracts and dealing with RFPs
- Prior exposure to, and technical aptitude for understanding, application and infrastructure vulnerabilities, especially in cloud environments
- Experience assessing and speaking to compliance and security risks with customers
- Prior experience leading/managing discussions of security controls and security architecture on customer/prospect calls
- Paid parental leave
- Great compensation packages, meaningful equity, & 401(k) plan
- Medical, dental, vision, & life insurance
- Fertility & Adoption Assistance
- Paid Sabbatical
- Flexible PTO
- Monthly Employee Wellness allowance
- Quarterly Professional Development allowance
- Pre-tax commuter benefits
- Complete laptop workstation