We're looking for an experienced Security Compliance Analyst to join our Core Security team at Zapier. Zapier’s on a mission to make everyone more productive at work. Over 5 million professionals already use Zapier to save more time, but there are millions more to reach. We believe in compliance through security instead of a check-the-box approach. If we're taking an attitude of doing the right things for security, we are going to be compliant as a side-effect.
We're looking for you to apply your process streamlining, control implementing and risk management skills to guide our teams in tightening controls needed to meet and keep our SOC2 Type2 compliance. We're also looking for help with security audit requests from our customers and partners as well as gathering and maintaining evidence for compliance. You will also build our risk management matrix and track exceptions.
If you want to make your mark by owning and leading the Compliance and Risk program at a fast-growing and profitable startup, then read on…
To help share a bit more about life at Zapier, here are a few resources:
Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
You’re a skilled Compliance Engineer or Analyst. You have 3+ years of experience working in GRC.
You’re an excellent planner. You have managed complex Compliance and Security Risk projects with minimal guidance, including planning, scheduling, and delivering reports and other documentation.
You’re creative and resourceful. Frameworks are purposely vague - they have to be one-size-fits-all, but you are able to apply and translate them to a SaaS company, like Zapier. You always look for solutions that are built into systems to fulfil requirements instead of creating manual labor (e.g. enforced git reviews and automated testing before a pull request vs. a manual approval). Automation is your go-to when solving control requirements.
You believe relationships are critical to success. You have participated in compliance reviews, internal and external audits, and assisted internal or external auditors. You thrive in understanding current processes to see how they fulfill requirements instead of pushing controls first. You've successfully partnered with groups like partnerships and customer support to address security-related inquiries.
You’re solid at time management. You can juggle a variety of fast-moving communications projects and be trusted to work with minimal supervision. You’re keen to build processes that will make your job more efficient over time.
You are a skilled written communicator. Zapier is a 100% remote team and being able to communicate well is critical. Chat and video are our primary means of communication. You can communicate unfamiliar topics clearly and in an approachable way to both technical and non-technical staff, including senior management.
Things You Might Do
Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:
For the past nine years, Zapier has been helping people across the world automate the boring and tedious parts of their job. We do that by helping everyone connect the web applications they already use and love.
We believe that there are jobs a computer is best at doing and that there are jobs a human is best at doing. We want to empower businesses to create processes and systems that let computers do what they are best at doing and let humans do what they are best at doing.
We believe that with the right tools, you can have a big impact with less hassle.
We believe in small teams. Small teams are fast and nimble. Small teams mean less bureaucracy and less management and more getting things done.
We believe in a safe, welcoming, and inclusive environment. All teammates at Zapier agree to a code of conduct.
The Whole Package
We're currently hiring for the following locations:
*While we take care of our international folks as best we can, currently, healthcare and retirement plans are only available to US, Canada, and UK based employees.
How To Apply
We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate.
After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.
Optional: Share anonymously some demographic information about yourself to help us better track trends related to the backgrounds of candidates interested in working at Zapier in order for us to build a team that represents the users at Zapier and the broader world population.
Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people no matter their race, color, gender, sexual orientation, religion, national origin, physical or mental disability, or age. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.