Security Risk and Compliance Manager at Klaviyo
How you will make a difference:
- Develop and manage complex controls frameworks. Knowledge of, or experience working with Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS) services and Cloud infrastructure
- Develop and execute methods to identify internal and external risks to data and to enhance objective, data-driven risk models
- Assist and/or build controls to mitigate risk, re-engineer or assist in re-engineering new processes where required (e.g. on-boarding, off-boarding, vulnerability management, etc.) across all critical business systems
- Manage the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
- Responsible for the execution and management of security compliance certification programs across the company that our customers depend on
- Build automation into the design of controls to eliminate the human elements
- Build the team through personal growth and recruitment
Who You Are:
- Minimum of 7+ years of information security, IT audit and/or IT Risk Management experience
- Expert understanding of NIST CSF, ISO 27002, SOC 2, and SOX frameworks
- You’re a relationship builder and have worked with both business and technical risk and understand how to translate between the two and communicate to various levels of technical and business management.
- Have built and coached teams to be better security and privacy practitioners
- Like working on a small, autonomous agile team.
- At Klaviyo, you will have ownership of security, but you'll collaborate with everyone to make sure we produce and implement the right solutions.