Staff Information Security Risk & Compliance

About Us

With electric vehicles expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint (NYSE: CHPT) is at the center of this revolution, powering one of the world’s leading EV charging networks and a comprehensive set of hardware, software and mobile solutions for every charging need across North America and Europe. We bring together drivers, businesses, automakers, policymakers, utilities and other stakeholders to make e-mobility a global reality.

Since our founding in 2007, ChargePoint has focused solely on making the transition to electric easy for businesses, fleets and drivers. ChargePoint offers a once-in-a-lifetime opportunity to create an all-electric future and a trillion-dollar market.

At ChargePoint, we foster a positive and productive work environment by committing to live our values of Be Courageous, Charge Together, Love our Customers, Operate with Openness, and Relentlessly Pursue Awesome. These values guide how we show up every day, align, and work together to build a brighter future for all of us.

Join the team that is building the EV charging industry and make your mark on how people and goods will get everywhere they need to go, in any context, for generations to come.

Reports To

Sr. Manager, Information Security Risk and Compliance

What You Will Be Doing

ChargePoint is seeking an experienced professional to lead and enhance our security risk and compliance program. The candidate will provide governance and risk management oversight, establish and manage our security policy framework and standards, help set-up GRC programs, and ensure compliance with security, contractual, and cyber regulatory requirements through control definition, implementation assistance, assessment, and process oversight.

What You Will Bring to ChargePoint

• Proven program and project management experience with tools such as Jira, Confluence, SharePoint, and GRC platforms.
• Strong understanding of cloud environments and technologies (AWS, Linux, etc.).
• Exceptional judgement, ethics, and professionalism.
• Excellent written and verbal communication skills, with the ability to understand complex business and technology environments.

Key responsibilities include:

• Independently leading risk and compliance initiatives within the Information Security team.
• Developing, managing and maturing the enterprise resiliency program, including business impact analysis, BC/ DR planning, and BCP testing.
• Driving program execution for audits, compliance checks, and external assessments (ISO 27001 v2022, PCI v4.0, SOC2, and NIST 800-53).
• Enhancing and automating our risk and compliance management program.
• Collaborating with cross-functional teams (Engineering, IT, HR, etc.) to gather artifacts and perform ongoing audits.
• Assessing and determining the design effectiveness of internal controls.
• Introducing innovative cybersecurity capabilities to enhance competitive advantage and align risk strategies with business priorities.

Requirements

• Minimum 7 years of professional experience leading GRC activities or programs.
• Experience setting up and scaling a BC/ DR program and practical experience with BC/ DR standards (ISO 22301, NIST SP 800-34, BCI Good Practice Guidelines).
• Strong interpersonal skills with an emphasis on building long-term relationships across geographies and functions.
• Detail-oriented and self-motivated, with the ability to meet deadlines in a fast-paced environment.
• Experience with security policy, standards, and controls definition across multiple compliance frameworks (PCI, SOC2, ISO, NIST etc.).
• Proficiency with GRC platforms and reporting tools, and experience presenting compliance reports to senior management.
• Experience implementing security training and awareness initiatives.
• Ability to maintain a common controls framework aligned with security standards and regulations.
• Strong understanding of frameworks such as NIST Cybersecurity, NIST SP 800-53, CIS/SANS Top 20, COSO, and leading business practices.

Preferred Qualifications:

• Strong understanding of risk management principles and practices (ISO 31000, COSO ERM, NIST SP 800-30).
• Knowledge of incident management and crisis response principles (NIMS, ICS, ISO 22320).
• Experience with various cloud and infrastructure security tools (CSPM, DSPM, ASM, FIM, etc.)
• Security and audit certifications (CISA, CISSP, etc.) are a plus.

Location

Bangalore - India or Remote 

We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.

If there is a match between your experiences/skills and the Company needs, we will contact you directly.

ChargePoint is an equal opportunity employer. 
Applicants only - Recruiting agencies do not contact.