Security Risk and Compliance Manager
Klaviyo is looking for a Security Risk and Compliance Manager to take ownership of identifying and evaluating security risk, building and developing controls, identifying areas for improvement, and helping mature the information security and privacy programs. You’ll be in-charge to ensure we have appropriate controls in place that are designed appropriately and operating effectively as be a valued member of the Security and Trust team at Klaviyo.
How you will make a difference:
- Develop and manage complex controls frameworks. Knowledge of, or experience working with Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS) services and Cloud infrastructure
- Develop and execute methods to identify internal and external risks to data and to enhance objective, data driven risk modelsAssist and/or build controls to mitigate risk, re-engineer or assist in re-engineering new processes where required (e.g. on-boarding, off-boarding, vulnerability management, etc.) across all critical business systems
- Manage the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
- Responsible for the execution and management of security compliance certification programs across the company that our customers depend onBuild automation into the design of control to eliminate the human elements
- Build the team through personal growth and recruitment
Who You Are:
- Minimum of 7+ years of information security, IT audit and/or IT Risk Management experience
- Expert understanding of NIST CSF, ISO 27002, SOC 2, and SOX frameworks
- You’re a relationship builder and have worked with both business and technical risk and understand how to translate between the two and communicate to various levels of technical and business management.
- Have built and coached teams to be better security and privacy practitionersLike working on small, autonomous agile team.
- At Klaviyo, you will have ownership of security, but you'll collaborate with everyone to make sure we produce implement the right solutions.
Get to know Klaviyo
Klaviyo is the world’s leading owned marketing platform known for accelerating revenue for online businesses using the channels they own like email, web, and mobile. Enabling companies to leverage these owned marketing channels, Klaviyo makes it easy to store, access, analyze and use transactional and behavioral data to power highly-targeted customer and prospect communications. And unlike other marketing platforms, Klaviyo doesn’t force companies to compromise between advanced functionality or ease of use - so companies of all sizes are able to maximize their sales quickly. That’s why over 28,000+ innovative companies like Unilever, Custom Ink and Eventbrite sell more with Klaviyo.