Engineering

Head of Security & Compliance

San Francisco

Sysdig is looking for a Head of Security & Compliance to lead the security practices for our Cloud SaaS platform and be the owner of our Compliance program. This is a multi-functional role where you will have a large impact and high visibility across engineering and the entire company. This role will directly empower new business opportunities.

Sysdig is the cloud-native intelligence company, and we’re at the forefront of the container and microservices adoption in the enterprise. We make reliable, secure containers a reality for enterprises everywhere.

We’re passionate about solving the most complex operational challenges that companies face when they transition to Kubernetes, Docker, and cloud-native architectures at a massive scale. We’ve raised over $100M and are putting that to work in the world’s largest banks, governments, tech companies and… well, just about everywhere. And we're a great place to work too — we were awarded the 2019 Bay Area Best Places to Work award from San Francisco Business Times and the Silicon Valley Business Journal.

Sysdig was born as Open Source software, so your work here will cross the divide between developer-led OSS and battle-tested commercial software at scale. We’re proud that our open source tools (https://www.sysdig.com/opensource) are widely used and loved by technologists and developers. Falco, our open source container security project is now a part of the Cloud Native Computing Foundation and rapidly gaining community adoption.

As the Head of Security and Compliance, you will be the foundational member of a new team at Sysdig. As a company in the cloud security space, this role is not about checking boxes, but ensuring that we are providing the most secure platform for our customers and cementing leadership in the industry.

What You’ll Be Doing

  • Serve as the in-house security subject matter expert and respond to internal security engineering questions
  • Proactively identify security gaps in system architecture and help implement remediations
  • Drive security awareness and best practices across application engineering teams
  • Partner with the Infrastructure team to ensure cloud and information security practices are enforced
  • Design and project manage the company’s compliance program, specifically driving towards SOC2 Type 1/2 and PCI compliance
  • Design, revise, and test compliance controls
  • Collaborate with legal, IT, HR to communicate and adopt new cross-functional controls
  • Manage and report compliance related remediation to engineering teams and executive management
  • Work with third parties to provide evidence for security controls and identify potential gaps in existing controls
  • Write security and compliance policies and perform annual audits
  • Own the responses for customer security questionnaires and RFIs
  • Help hire and build out the security and compliance team, stepping into a direct management role as the team grows

 

What You Should Bring

  • A technical understanding of modern best practices for operating and deploying software in the cloud-native ecosystem (cloud providers, Kubernetes, containers)
  • An understanding of infosec and networking best practices including encryption, SSL/TLS, certificate management
  • Experience performing security audits and risk assessments
  • Experience managing external consultants and briefing executives on compliance progress
  • Direct experience owning and executing the compliance process to achieve at least one compliance certification. SOC2, PCI, FEDRAMP preferred
  • Demonstrated organizational, planning, and communication skills across teams
  • Pride of ownership in driving complex projects to completion

 

Why Join Sysdig

Cloud-native is fundamentally changing how organizations build and run applications to fully take advantage of the cloud computing model. Sysdig is the cloud-native intelligence company making it happen. Join us and you’ll be working at the cutting-edge of infrastructure technology and the birth of an entirely new industry.  Be the one that solves the hard challenges of operating Kubernetes and Containers at scale – and have fun doing it with a great group of people.

When you join Sysdig, you can expect:

  • Competitive salary
  • Topnotch health insurance coverage
  • We offer the best of both worlds: we’re a well-funded startup ($121.5 million) with a 300+ enterprise customer base (300 and counting)

 

Additionally, we offer a variety of benefits and perks, such as:

  • 401k with company matching up to 3%
  • Flexible vacation policy
  • Monthly self-improvement grant – spend on yourself however you see fit!
  • Weekly team lunches and snacks every day of the week
  • Monthly house cleaning allowance
  • Fun team with company events and lots of espresso

Are you ready to join us?

We're excited to receive your application.

Sysdig is an Equal Opportunity Employer.

We do not discriminate on the basis of race, color, national origin, religion, gender, age, veteran status, sexual orientation, marital status or disability (in compliance with the Americans with Disabilities Act) with respect to employment opportunities.