Director, GRC & Security

Posted 2024-09-20

📍 Location: United States

💸 Salary: $180,000 - $230,000 USD Annually

🔍 Industry: Cybersecurity

🏢 Company: Panther | 👥 11-50 | 💰 $2.5m Seed on 2021-05-20 | Compliance, Employment, Human Resources, Information Technology, Recruiting, Software

🗣️ Languages: English

🪄 Skills: AWS, Cybersecurity, Strategy, Communication Skills, Collaboration

Requirements:
  • Ability to self-manage work and meet important deadlines in a fast-paced, rapidly evolving environment.
  • Strong track record of successful collaboration across a diverse range of stakeholders, including internal teams (Engineering, Legal, etc.) as well as external parties (auditors, contractors, etc.).
  • Excellent communication skills, with the ability to effectively translate needs and requirements across Engineering, Security and Legal disciplines.
  • Familiarity with modern security controls and concepts and ability to apply those concepts well enough to translate compliance requirements into modern, safe, efficient and effective controls.
  • Experience leading compliance initiatives, such as SOC2, ISO 27001, PCI DSS, HIPAA, FedRAMP, etc. at a high-growth cloud-based company.
  • Experience defining, documenting, updating and mapping controls, policies, procedures, exceptions, risks, assets, vendors and people.
  • Firm technical grasp of cloud, cloud security, and engineering workflows, with specific experience in organizations that use AWS and GitHub.
  • Preferred candidates: Experience creating and maintaining compliance artifacts in Drata (or similar system).
  • Preferred candidates: Experience communicating directly with customers through activities such as answering compliance documentation questions or sales enablement calls.
Responsibilities:
  • Leading and building Panther’s Security and Compliance organization, and participating in the build out of Panther’s IT organization.
  • Partnering closely with internal teams such as IT, Sales, and Engineering to improve operational efficiency and achieve business outcomes beyond strictly compliance.
  • Acting as the primary conduit for communication between Panther’s engineering organization and external security and compliance partners (including auditors, ongoing security advisors, pentesters, and short-term contractors).
  • Collaborating with other leaders across the company to develop an ongoing compliance strategy that drives quality and unlocks sales.
  • Owning Panther's existing compliance programs (SOC2, ISO 27001, and PCI DSS), ensuring continuity for Panther's certifications.
  • Leading Panther’s audit processes end to end, including directly interacting with auditors during assessments.
  • Identifying and implementing improvements to Panther’s compliance programs to reduce operational burden and complexity.
  • Implementing new compliance programs at Panther, such as FedRAMP, HIPAA, and others, partnering with external subject matter experts when appropriate.
  • Defining, executing, measuring, monitoring and reporting on compliance controls and initiatives, and maintaining all related documentation in Drata.