Job Summary:
The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures that data-sharing relationships with third parties securely protect Rubrik information.
We are looking for a high-performing Senior Analyst, Compliance who can thrive in a fast-paced and challenging environment. In this role, you will assist in building out Rubrik’s compliance and controls framework, drive continuous improvement and strengthen Rubrik’s controls without placing an undue burden on the business. Furthermore, you will be interfacing with departments including information security, engineering, product and legal to position the company to meet regulatory requirements and certifications and to represent our technology controls environment to customers as necessary.
Where you can make an impact:
- Support compliance projects such as ISO 27001, SOC 1 - SOC 3, BSI C5, HITRUST, EU-US Privacy Shield, etc.
- Coordinate internal and external audits of the Rubrik compliance/controls environment with process owners, external auditors and internal auditors.
- Collaborate with process owners to prioritize projects and solutions to reduce risk and improve compliance.
- Translate complex topics and standards into requirements everyone can understand.
- Accurately and effectively communicate about Rubrik’s compliance program to internal stakeholders.
- Educate and train process owners within the Rubrik controls framework.
Experience Needed:
- 4-8 years of experience in Information Technology, Information Security, Information Security Compliance and/or Auditing
- BA/BS in a business-related field and/or equivalent years of experience working with software industry/cloud product experience preferred
- Familiarity with security and privacy standards such as SOC, ISO 27001, ISO 27018, HITRUST, etc.
- Demonstrated experience in the development and management of a comprehensive compliance program that balances risk and the needs and goals of the business
- Demonstrated success working with internal audit, external auditors, outside consultants, and outside counsel
Preferred Qualifications:
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance-related concepts to a broad range of technical and non-technical staff
- Equally comfortable working with other members of the team, as well as independently.
- Strong technical foundation to be able to develop Rubrik compliance best practices based on compliance requirements and Rubrik systems and processes.
- Ability to manage multiple projects and deliver quality work to deadlines
- CISA, CISSP, CIA, or other related certifications preferred