Governance Risk Compliance Specialist

Gong transforms revenue organizations by harnessing customer interactions to increase business efficiency, improve decision-making and accelerate revenue growth. The Revenue Intelligence Platform uses proprietary artificial intelligence technology to enable teams to capture, understand and act on all customer interactions in a single, integrated platform. More than 4,000 companies around the world rely on Gong to support their go-to-market strategies and grow revenue efficiently. For more information, visit www.gong.io.

As an individual contributor of trust operations on our Security team, you’ll play a key role in ensuring customer trust is core to our product and company.

RESPONSIBILITIES

• Create and update Security Policies, standards and procedures
  
• Create and manage corporate-wide security training
  
• Plan, coordinate, and implement work assignments with process owners, control owners, external auditors and consultants
  
• Perform control testing, document results and provide updates to the business
  
• Partner with internal stakeholders on the design of internal controls for ongoing risk mitigation and information systems based on internal and external obligations
  
• Clearly and effectively communicate security issues and risks to diverse audiences
  
• Manage, perform and report on Security Risk Assessments.
  
• Educate and train process and control owners on security practices and responsibilities
  
• Ensure compliance with applicable controls based on a unified control framework
  
• Evaluate and advise on new and evolving certification programs, technology and security standards
  
• Proactively identify and correct process gaps and improvements to further the maturity of Gong’s programs in alignment with Company goals and objectives
  
• Ability to work independently on complex programs and assignments with diverse teams

QUALIFICATIONS 

• 6+ years of overall experience, with 5+ years of relevant Information Security or GRC experience
  
• Basic Cloud Security Knowledge     
  
• GRC tool and automation experience 
  
• In-depth knowledge of control and Risk frameworks including PCI DSS, NIST 800-37 and ISO 27001, SOC 2
  
• Ability to be hands-on and go beyond direct job responsibilities to help the team succeed
  
• Ability to navigate ambiguity in a fast-changing environment
  
• Familiarity with attack frameworks and mitigation

PERKS & BENEFITS 

• We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs.
• Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
• Mental Health benefits with covered therapy and coaching.
• 401(k) program to help you invest in your future.
• Education & learning stipend for personal growth and development.
• Flexible vacation time to promote a healthy work-life blend.
• Paid parental leave to support you and your family.
• Company-wide recharge days each quarter.
• Work from home stipend to help you succeed in a remote environment.

The annual salary hiring range for this position is $153,000 - $180,000 USD. 

Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.

We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.

We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.

Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.

#LI-AC1