logo inner

Sr. Compliance Specialist

HashiCorpBengaluru, IndiaOnsite

Senior Compliance Specialist (Security GRC) 


About the Role 


We are looking for a Senior Compliance Specialist (Security GRC) to join the Security GRC team at HashiCorp. In this role you will focus on leading efforts to execute/facilitate ongoing compliance controls and processes, including performing user access reviews, tracking gaps and remediation plans, following up on overdue security training, and others. You will also perform controls testing and internal audits, and work with teams on control rollout and validation as needed.We are looking for a self-motivated individual who thrives in a fast-paced environment, can seamlessly drive efforts across multiple projects, and work with various stakeholders. Security at Hashicorp is a remote team.

While prior experience working remotely isn’t required, we are looking for team members who can perform well given a high level of independence and autonomy. 

In this role, your responsibilities will include: 


  • Monitoring and tracking of control exceptions, if applicable, for timeliness of remediation 
  • Monitoring and tracking of approved policy exceptions, if applicable, for upcoming expiration dates, performing outreach 30-60 dates before expiration. 
  • Perform internal audits, including the annual ISO internal audit
  • Perform targeted and ongoing controls testing, and identifying opportunities for automation
  • Document the scope/boundaries of the compliance program (cloud accounts, repositories, Github teams, etc.) including updates, removals and additions. 
  • Help drive the maturity of HashiCorp’s Common Controls Framework
  • Identify opportunities to automate manual tasks, including continuous monitor of controls and audit evidence collection
  • Drive the initiation and completion of User Access Reviews (UARs) on a quarterly basis 
  • Collect and report on metrics and data related to GRC processes, including access reviews and exceptions
  • Monitoring of Security Awareness Training (SAT) and Secure Development Training for completion, and following up on incomplete and overdue training
  • Support making changes to the controls framework using Github
  • Help develop and document minimum control test procedures for each control in the controls framework
  • Perform reviews of mappings in the controls framework to associated materials, such as the Security Policy, Security Exhibit, etc. upon changes being made to those materials 
  • Support the development of audit documentation such as prep agendas, walkthrough agendas, etc.
  • Support and perform other GRC work and initiatives as assigned and needed

Must have qualifications


  • Minimum of 8 years of related professional security, risk and compliance experience
  • Previous experience in a cloud environment, preferably AWS and/or Azure
  • Advanced level knowledge either SOC 2 or ISO 27001
  • Comfortable working with both deeply technical and non-technical people 
  • Flexible in daily hours (e.g., willingness to work longer hours during end of quarter and peak periods, and audit) 
  • Highly responsive 
  • Ability to prioritize and track multiple projects and tasks in parallel

Desired Qualifications


  • Experience working in a large, multi-cloud environment
  • Deep understanding of common security compliance frameworks, attestations and certifications
  • Previous experience at a technology or SaaS company in a similar role 
  • Experience working with OSCAL 
    LI-AD1
    #LI-Hybrid

Life at HashiCorp

HashiCorp was founded by Mitchell Hashimoto and Armon Dadgar in 2012 with the goal of revolutionizing datacenter management: application development, delivery, and maintenance. The datacenter of today is very different than the datacenter of yesterday, and we think the datacenter of tomorrow is just around the corner. We're writing software to take you all the way from yesterday to today, and then safely to tomorrow and beyond. Physical, virtual, containers. Private cloud, public cloud, hybrid cloud. IaaS, PaaS, SaaS. Windows, Linux, Mac. These are just some of the choices faced when architecting a datacenter of today. And the choice is not one or the other; instead, it is often a combination of many of these. HashiCorp builds tools to ease these decisions by presenting solutions that span the gaps. Our tools manage both physical machines and virtual machines, Windows, and Linux, SaaS and IaaS, etc. And we're committed to supporting next-generation technologies, as well. HashiCorp was founded and continues to be run by the primary authors of all our core technologies powering thousands of companies worldwide. We speak at conferences and write books related to application and infrastructure management. All our foundational technologies are open source and developed openly, and have been since 2010. The Tao of HashiCorp is the foundation that guides our vision, roadmap, and product design. As you evaluate using or contributing to HashiCorp's products, it may be valuable to understand the motivations and intentions for our work. Learn more about the Tao of HashiCorp here: https://www.hashicorp.com/tao-of-hashicorp
Thrive Here & What We Value- Collaborative and Supportive Work Environment- Agile Methodologies- Customer-Centric Approach- Continuous Learning and Improvement- Innovation and Creativity- Outstanding Customer Experiences- Flexible Working Arrangements- Comprehensiveness over Point Solutions- Investment in Deployment Options
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2024