Join our Talent Network
Skip to main content

Staff Governance, Risk and Compliance Specialist (TPM)

Engineering

Remote, United States

Job ID: R00294

< Back to search for jobs
Save Job Saved

Description

Confluent is pioneering a fundamentally new category of data infrastructure focused on data in motion. Have you ever found a new favorite series on Netflix, picked up groceries curbside at Walmart, or paid for something using Square? That’s the power of data in motion in action—giving organizations instant access to the massive amounts of data that is constantly flowing throughout their business. At Confluent, we’re building the foundational platform for this new paradigm of data infrastructure. Our cloud-native offering is designed to be the intelligent connective tissue enabling real-time data, from multiple sources, to constantly stream across the organization. With Confluent, organizations can create a central nervous system to innovate and win in a digital-first world.

 

We’re looking for self-motivated team members who crave a challenge and feel energized to roll up their sleeves and help realize Confluent’s enormous potential. Chart your own path and take healthy risks as we solve big problems together. We value having diverse teams and want you to grow as we grow—whether you’re just starting out in your career or managing a large team, you’ll be amazed at the magnitude of your impact.

 

About the Role:
As the Staff Governance, Risk and Compliance Specialist in the Trust & Security organization you will play a critical role in fulfilling the vision to secure Confluent’s platform and cloud offerings through a combination of technical expertise, policy governance, security risk management, customer assurance, third party risk management, certification compliance and excellent program management skills. You should be experienced in creating and maintaining a risk register, facilitating security control discussions with internal and external stakeholders, customers, performing risk assessments, developing metrics programs and senior management as well as corporate governance reporting, i.e. audit committee and board of directors.

 

What You Will Do:

  • Be a risk advisor across various departments, including Engineering, Legal, privacy, and lead efforts to improve and operate our risk register and issue management programs by managing risk management activities to ensure security risks are centrally and consistently cataloged, and monitored
  • Lead Issue and action management to ensure steady progress is made towards a resolution that addresses the root cause(s) and prevents issue recurrence
  • Produce insights from our aggregated risks to highlight relevant risk trends or behaviors, and deliver periodic reporting to measure our risk posture and enable escalations where necessary
  • Provide timely and accurate reports on credit quality control findings, trends, and recommendations for enhancing processes, control environment, improving consistency of execution, and mitigating risks
  • Lead adoption of a common risk and control framework
  • Perform third-party risk assessments to maintain oversight of third-party vendors
  • Develop and deliver regular risk metrics and report to leadership and management committees such as the Security Steering Committee or the Board
  • Be a risk advisor and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate processes and controls are in place to manage risk and are aligned with leading best practices
  • Evaluate the effectiveness of information security controls and performance by developing, monitoring, gathering, and analyzing information security and compliance metrics for management
  • Keep up with relevant regulations, emerging threats, forecasts, policies, and best practices, and maintain a mindset of constant innovation to consider possibilities in advancing our risk management framework
  • Lead implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our GRC processes
  • Harness synergies from security-related workflows such as security incident response, vulnerability management, and threat intelligence to build more informed risk intelligence that drives more purposeful action or recommendations

 


What You Will Bring:

  • 8+ years of relevant industry experience
  • Strong knowledge of and experience in governance, security risk management and compliance frameworks including related regulatory compliance requirements (e.g., SSAE18 (SOC 1 and 2), HITRUST, FedRAMP, PCI, ISO2700X, GDPR, ISAE 3400 and 3402, ISO 27001, HIPAA, CSA, CIS, NIST, C5, and other regulatory standards)
  • Current Security CISSP, CRISC, CISM or equivalent certification completed or currently in progress
  • Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management
  • Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction
  • Strong security engineering fundamentals background in infrastructure security controls in GCP, AWS, Azure, and/or web application security
  • Strong communication, interpersonal and leadership skills to work with both engineering and other non-technical stakeholders
  • Bachelor's degree in Computer Science, a related field, or equivalent practical experience

 

 

Come As You Are

 

At Confluent, equality is a core tenet of our culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. The more diverse we are, the richer our community and the broader our impact. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law.

 

 

At Confluent, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including work history, education, professional experience, and location.  This position has an annual estimated salary of 176,900 - 203,400 USD, an annual bonus, and a competitive equity package. The actual pay may vary depending on your skills, qualifications, experience, and work location. In addition, Confluent offers a wide range of employee benefits. To learn more about our benefits click HERE.

 

Click HERE to review our Candidate Privacy Notice which describes how and when Confluent, Inc., and its group companies, collects, uses, and shares certain personal information of California job applicants and prospective employees.

 

#LI-Remote

Benefits

Best Teammates on Planet Earth

Well-Being and Growth

Robust Benefits

Flexible Paid Time Off (PTO)

Confluent is Remote-First

At Confluent, we care about how you work - not where. We encourage you to apply for positions outside of the listed job location or your immediate region.

Share this post

Product

Cloud

Solutions

Developers

About

Copyright © Confluent, Inc. 2014-2023. Apache, Apache Kafka, Kafka, and associated open source project names are trademarks of the Apache Software Foundation