
Information Security Lead - GRC

ChartHop

Remote
  • Job Type: Full-Time
  • Function: IT
  • Industry: Enterprise
  • Post Date: 01/11/2022
  • Website: charthop.com
  • Company Address: , New York, NY

About ChartHop

ChartHop is the world’s first organizational management platform empowering leaders and team members alike to see the past and present of their organization and design its future.

The platform automagically builds fluid, data-driven views of a company through real-time updated org charts, custom reporting, and headcount planning tools that boost efficiency and transparency across teams.

Job Description

Who we are:

ChartHop delivers a fresh take on People Analytics, bringing disparate sources of people data together in a dynamic platform that’s visual and actionable. Unlike legacy People Analytics solutions, ChartHop is designed to be used by the whole organization. This helps companies improve organizational health, drive alignment and accountability, and save time and money. 

ChartHop plays well with dozens of platforms through robust integrations across the HR tech stack, and serves companies like BetterCloud, Lightspeed, Starburst and InVision. ChartHop was founded in 2019 by Ian White and is backed by Andreessen Horowitz. 

We’re looking for skilled and motivated people to join our team! Do you want to help companies unleash the power of their people data to plan effectively and with intention? Do you have what it takes to envision the future of work, and then to take us there? Join us!

 

Security GRC Lead

We're looking for a hands-on, forward-thinking Security GRC Lead to play a key role in building out the ChartHop GRC program. This role has a unique opportunity to lead a newly formed pod (GRC/TPRM) under the Security Team at ChartHop. As a key member of the Security Team, this cross-functional role will work closely with the Sales, Customer Experience, Engineering & Product, and Finance teams. This role will also work closely with ChartHop's Auditors and Customers to ensure we are continuously meeting our security, compliance, and privacy obligations.

 

ChartHop is a fast-paced environment, and this role must keep up with the demanding pace.

We are looking for someone who views compliance as outcomes over controls, has empathy for Engineers and Developers, and who understands the complexities of a SaaS organization.

We will measure your success through:

To be determined with Manager

 

As a Security GRC Lead, you will:

  • Help build, mature, and scale ChartHop's Security GRC program based on industry best practices, including Continuous Compliance, Audit Management, Risk Management, Privacy Management, Vendor Security, etc.
  • Work with the Sales and Customer Success teams to complete Vendor Security Questionnaires (VSQ) for new and existing customers. 
  • Provide support, education, and training to ChartHop employees around GRC and Security Awareness requirements.
  • Lead organizational efforts to retain SOC2 Type II compliance and pursue new certifications like ISO 27001, CSA Star, and other certifications that exhibit assurance internally within the organization and externally with Partners.
  • Continuously improve Security Policies and Procedures to align with ChartHop as we scale.
  • Build and mature ChartHop's Vendor Security and Third-Party Risk Management program
  • Track, remediate and report on risks and oversee risk reduction through the GRC system.
  • Review and maintain DPAs with ChartHop’s Subprocessors



Requirements:

  • Proven experience supporting, maturing, or scaling Security GRC programs
  • Excellent communication skills for interacting with both technical and business professionals
  • Highly proficient in Security GRC frameworks such as ISO 27001, NIST 800-53, HIPAA
  • Ongoing familiarity with new and prevalent technologies, SaaS platforms, and Mac OS systems
  • Understand system vulnerabilities, attack surfaces, attack vectors, and tactics used in modern cyberattacks
  • Have strong analytical, problem-solving and critical thinking skills and the ability to support decisions that balance cybersecurity with ease-of-use
  • Experience leading security projects through influence, collaboration, and empathy; and very comfortable in situations requiring constrained creativity to ensure we are securing business systems and data
  • Comfortable dealing with ambiguity, change, and conflicting priorities

 

Unsure if you meet the qualifications? We encourage Information Security professionals who are passionate about this work to apply!

 

Our Core Values:

We're building ChartHop to be the best People Software on the planet and that starts with hiring the best people globally. We’re building an inclusive culture, and we’re looking for people who embrace our core values:

  • Fast: Move with intentional speed.
  • Inclusive: Welcome our differences.
  • Transparent: Trust, collaborate, share.
  • Optimistic: Dream big, think practically.

 

Perks and Benefits:

  • Health/benefits coverage (Medical, Dental, Vision, Life insurance, Long term and Short term disability, many more) 
  • MacBook Pro
  • Work from home supplies stipend
  • Professional development stipend
  • Vacation days 
  • 401K
  • Parental leave
  • Pet insurance
  • Mental Health benefits 
  • Many more 

 

Salary range: $100K-$115K base plus bonus and equity

 

Please note, our salary ranges are based on current market data. Should you feel strongly that we are not in line, we highly recommend that you reach out and let us know. We are always looking to improve on building the best place for employees!

 

ChartHop is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.
