Security Compliance Specialist
Washington
- Remote-first
Secure Code Warrior
Secure Code Warrior helps developers write more secure code. We are focused on bringing an innovative approach to developer security learning. Contact us today. Secure Code Warrior’s mission is to establish new standards for coding that transform the ways software is created. We do this by providing the world’s leading agile learning platform that delivers the most effective secure coding solution for developers to learn, apply, and retain software security principles. More than 600 enterprises trust Secure Code Warrior to implement agile learning security programs, build safer software, and create a culture of developer-driven security. We are a venture-backed company with offices in Australia, the United States, Belgium, Iceland, and the United Kingdom.
Secure Code Warrior’s vision is to empower developers to be the first line of defense in their organisation by making security highly visible and providing them with the skills and tools to write secure code from the beginning. Our global software security business is growing rapidly, and we are looking to hire a Security Compliance Specialist.
Security and Compliance is an integral part of our DNA at Secure Code Warrior. It allows our customers to be confident in our products, while also providing frameworks for well-tuned information security management systems and programs. These standards and frameworks provide clarity to Secure Code Warrior’s internal business teams on how to incorporate security principles in the management of systems, the development of products, and the expansion of our business footprint.
You will join Secure Code Warrior as a member of the security team, reporting into the Head of Security, Risk & Privacy, specializing in Security and Compliance. You will be instrumental in partnering with business teams and customers through your security and compliance knowledge and how it pertains to Secure Code Warrior and our products. In addition you will support SCW’s Security Strategy by building and managing our compliance program, and working with the wider business to implement security by design and build resiliency.
The ideal candidate will have an aptitude to learn, adapt and thrive in an ever-changing, growing environment.
What You Will Do
- Serve as a key member of SCW’s Security Team by supporting and managing compliance activities and monitoring efforts across different regulations such as GDPR, SOC 2 and ISO/IEC and others as deemed necessary.
- Collaborate cross-functionally. You will support our Engineering, Product, Legal, IT, Business Operations and other internal teams with compliance to internal policies and ensuring Secure Code Warrior is adhering to security by design/default principles when it comes to our systems, information and business processes.
- Collaborate with our Sales and Revenue teams by translating complex Security requirements to understandable concepts for stakeholders and assist in the review of customer security requirements during the contracting process. In addition, you’ll take ownership of any security reviews requested by our high-touch customers as part of their procurement processes.
- Support in-depth security conversations with external Customers and Prospects Infosec teams and provide support in answering external security questionnaires.
- Have input and contribute to the overall security strategy and roadmap.
- Manage Incident Response, Business Continuity and Disaster Recovery Compliance Activities.
- Security Awareness Training - You’ll lead training on our security policies and procedures with employees when they start at SCW and annually thereafter.
- Vendor procurement and management. You’ll play an important part in our vendor risk assessments at the procurement stage and throughout the lifecycle of our vendor relationships.
What You Need To Succeed
- 5+ years of relevant work experience including at least 3 years in a Security or Compliance role; University degree related to Information Security, Computer Science, or related field
- Experience working in a SaaS environment
- Experience with Data Privacy standards (including GDPR compliance and Data Processing Agreements) is a plus
- Prior experience as a security professional in a middle to late stage start-up
- Experience working with Sales, Legal and Privacy teams as an SME for security requirements during contract negotiations.
- Experience in auditing of network, cloud, operating systems, and application technologies
- AWS cloud experience highly regarded
- Experience working with security standards and frameworks such as ISO 27X, SOC 2, NIST, FedRAMP or similar
- Led and managed SOC 2 and ISO 27001 compliance programs - highly regarded
- Experience working with AI tools, technologies and performing security/privacy reviews - highly regarded
- Cross-functional and commercially minded. You have an appreciation for commercial drivers, which informs a pragmatic and common sense approach to problem solving without sacrificing technical accuracy.
- The ability to clearly communicate compliance requirements to internal stakeholders and external customers
- Ability to work efficiently and independently in a fast-paced, high-volume environment
- One or more compliance certifications e.g. CRISC, CISM, CISA, CISSP, ISO 27001 Implementer, Architect or Lead Auditor
- Willingness to learn. You know that security and compliance practices are constantly evolving and you are eager to keep up with any developments and subsequently implement organizational change.
- A great attitude to support others. A willingness to help other people, with an open attitude, will be essential to your success.
Warriors have full flexibility. We appreciate that you’ll do your best work when you’re rested and energized. With our business operating globally, there’s no 9-5 grind at Secure Code Warrior. You’re encouraged to work the days, times and in the way that suits you best. We also offer generous leave and work from home options so you can make work work for you.
We’re a tight-knit team that values humility, diversity, giving back to the community and to each other. Giving back is key to being a Warrior, and we do what we can to make the world a little bit brighter as we work to make it more secure.
Diversity. Inclusion. They’re more than just words for us. They’re the hard-and-fast principles guiding how we build our teams, cultivate leaders and create a company where every single person feels safe and celebrated. We have a global, multicultural following—we want to reflect that inside our walls and ensure people come as they are, we like it that way!
Tags: Agile Audits AWS CISA CISM CISSP Cloud Compliance Computer Science CRISC FedRAMP GDPR Incident response ISO 27001 Monitoring NIST Privacy Risk assessment SaaS Security strategy SOC SOC 2 Strategy
Perks/benefits: Career development Startup environment Team events