Sysdig is the secure DevOps company, and we’re at the forefront of the container and Kubernetes revolution. We are passionate, technical problem-solvers, continually innovating and delivering powerful solutions to secure and operate cloud-native applications in production. Our consistent contributions to open source software projects reflect our commitment to the open cloud movement.
We value diversity and open dialog to spur ideas, working closely together to achieve goals. And we're a great place to work too — we were awarded the 2019 Bay Area Best Places to Work Award from San Francisco Business Times and the Silicon Valley Business Journal. We are looking for team members who share our commitment to customers and are willing to dig deeper, understand problems and deliver innovative solutions. Does this sound like the right place for you?
If you are a security and compliance leader with a passion for driving security awareness and best practices throughout the company, we would like to connect. Ideally, you have strong technical expertise operating and deploying software in the cloud-native ecosystem.
Sysdig is looking for a Head of Security & Compliance to lead the security practices for our Cloud SaaS platform and be the owner of our Compliance program. This is a multi-functional role where you will have a large impact and high visibility across engineering and the entire company. This role will directly empower new business opportunities.
As the Head of Security and Compliance, you will be the foundational member of a new team at Sysdig. Because Sysdig is a company in the cloud security space, this role is not about checking boxes, but about ensuring that we are providing the most secure platform for our customers and cementing leadership in the industry.
- Serve as the in-house security subject matter expert and respond to internal security engineering questions
- Proactively identify security gaps in system architecture and help implement remediations
- Drive security awareness and best practices across all teams
- Partner with the Infrastructure team to ensure cloud and information security practices are enforced
- Design and project manage the company’s compliance program, specifically driving towards SOC2 Type 1/2 and PCI compliance
- Develop, implement and enforce security and compliance policies and controls
- Collaborate with legal, IT, and HR to communicate and adopt new cross-functional controls
- Manage and report compliance-related remediation to engineering teams and executive management
- Work with third parties to provide evidence for security controls and identify potential gaps in existing controls
- Conduct continuous audits to verify the operating effectiveness of security controls
- Own the responses for customer security questionnaires and RFIs
- Help hire and build out the security and compliance team, stepping into a direct management role as the team grows
- A technical understanding of modern best practices for operating and deploying software in the cloud-native ecosystem (cloud providers, Kubernetes, containers)
- An understanding of infosec and networking best practices including encryption, SSL/TLS, certificate management
- Experience performing security audits and risk assessments
- Experience managing external consultants and briefing executives on compliance progress
- Direct experience owning and executing the compliance process to achieve at least one compliance certification (SOC2, PCI, or FedRAMP preferred)
- Demonstrated organizational, planning, and communication skills across teams
- Pride of ownership in driving complex projects to completion
When you join Sysdig, you can expect:
- Competitive salary
- Top-notch health insurance coverage
Additionally, we offer a variety of benefits and perks, such as:
- 401k with company matching up to 3%
- Flexible vacation policy
- Monthly self-improvement grant – spend on yourself however you see fit!
- Weekly team lunches and snacks every day of the week
- Monthly house cleaning allowance
- Fun team with company events and lots of espresso
Are you ready to join us?
We're excited to receive your application.