Job Details

COMPLIANCE SPECIALIST, TRIPWIRE

Company

Tripwire

Published

2021-05-10

Closes

 

Location

Portland, Oregon, United States

Category

Legal

Type

Full-time

Description


Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire's portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter@TripwireInc.

Tripwire is just one of the many brands that make up Belden's impressive portfolio. Belden is a multi-billion dollar global organization of 10,000 talented people that supports the mission-critical network infrastructure and audio visual broadcast needs of many of the world's best-known brands, placing us at the heart of the global transformation to a truly connected world. We are seeking driven, results-oriented team members to help us continue to grow and succeed.

General Summary

Tripwire seeks a compliance champion who excels at balancing strategic thinking with tactical, detailed execution. The successful candidate is passionate about privacy, security, and user experience and has a track record of driving innovative process solutions across the business in a timely manner. This role requires expertise, strong collaboration skills, and frequent interactions with cross-functional team members at all levels of the business.

This role reportsto the Head of Legal and is not supervisory in nature. This is a new role; you will join an existing legal team of four and regularly collaborate with R&D DevOps, Technical Support and IT Business Operations. We value our team's strong reputation as creative problem solvers and business partners with a good sense of humor. You can expect a collaborative environment with open and honest communication. This role is open to candidates remotely in the USA, with a preference to candidates local to Portland, Oregon.

Responsibilities

  • Research and monitor regulatory requirements and trends applicable to Tripwire internal operations (e.g. SOX, SOC1 SOC2, ISO 27001, NIST 800-53, ISO 27001) to inform compliance program requirements. This includes monitoring, analyzing, and reporting on information privacy compliance and maintaining current knowledge of relevant state, federal and international laws and regulations.
  • Research and monitor regulatory requirements and trends applicable to Tripwire market verticals (e.g. NERC, HIPAA, etc.) to inform enablement of Tripwire customers# compliance during their interactions with Tripwire.
  • Refine compliance program, including documentation of existing internal controls and governance, assessing andimplementing process improvements, and developing and communicating policies/plans to internal stakeholders while empowering rapid SaaS innovation and growth.
  • Serve as the primary point of contact for a variety of compliance matters. Responsibilities include: completing customer information security questionnaires, gathering customer requirements, conducting third-party due diligence reviews, making risk assessments, and providing solutions to remediate/mitigate compliance risks.
  • Partner with cross-functional teams to create processes and drive compliance solutions.
  • Provide guidance to IT, Engineering, Operations, and Marketing teams to ensure compliance with applicable global regulatory requirements.
  • Advise on the regulatory obligations specific to Tripwire's business. This will require knowledge of the company's software supply chain to understand where inherent risk resides, analytical skills to accurately assess compliance risk, and business judgement to make qualified decisions under time pressure.
  • Identify and implement a compliance data software management system.
  • Conduct cross-functional training on various compliancetopics.


Required Skills and Experience

  • BA/BS degree or equivalent job experience
  • ~3 years of demonstrated experience within a corporate compliance, risk, audit, or legal department at a tech company
  • A proven track record of applying security and privacy subject matter expertise to the successful and timely delivery of production ready software to a large user base ##Experience managing audit remediation and process improvement projects
  • Strong cross-group collaboration skills and the ability to manage projects in parallel
  • Comfort discussing complex issues with senior and execution management teams
  • Strong analytical, organizational, project management, written and verbal communication skills
  • Ability to demonstrate enthusiasm, integrity, ingenuity, results-orientation, self-motivation, and resourcefulness in a fast-paced environment


Preferred
  • 5+ years of directly applicable work experience at a software company
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Compliance & Ethics Professional (CCEP)
  • Experience with one or more compliance data management software systems


We are focused on building a diverse and inclusive workforce. If you are excited about this role, but do not meet 100% of the requirements listed above, we encourage you to apply.

Benefits of working at Tripwire
  • Comprehensive health coverage including medical, dental, and vision
  • 401(k) retirement savings options with company stock matching contribution
  • Participation in company bonus plan (based on personal jobperformance, and Tripwire#s overall performance)
  • Flexible Time Off Program
  • Paid parental leave
  • Employee Life Assistance Program (LAP)
  • Business travel accident insurance


The salary range for this position is $75,000 - $110,000. This information is provided pursuant to the Colorado Equal Pay for Equal Work Act to provide Colorado applicants with information about what they may be eligible to receive. Individual pay decisions will depend on job-related factors such as experience, education, skill, and geographic location where work will be performed. Benefits listed above may vary depending on the nature of your employment with Tripwire and the country where you work.

Our Commitment to DEI

Tripwire is committed to bettering the lives of our employees and we are constantly looking to improve our approach to diversity, equity, and inclusion. Black lives matter. Gender equity matters. And the best outcomes are achieved when professionals with differing backgrounds, abilities, orientations, and religions work side by side and on equal footing. It's important to us to create an environment where employees can bring their whole, authentic selves to work.

Tripwire is on a journey to reaffirm and expand our commitment to diversity, equity, and inclusion. We strive to learn and grow together, and to use our voice within cybersecurity community to actively promote a culture of inclusion. We are actively assessing our policies and investing in improvements in areas such as our internal DEI team, HR policies, hiring processes, donation matching and volunteer programs, and driving financial contributions towawrd underrepresented individuals in our community.

At Tripwire our culture is one where you perform at your best, where you trust your teammates, and where work doesn't feel so much like work. We recognize and appreciate the contribution of all our employees. We value customer service, working with teams and thriving in an environment of continuous change. We play to win!

Tripwire provides equal employment opportunities to all qualified employees and applicants for employment without regard to race, religion, sex, age, marital status, national origin, sexual orientation, disability, veteran status, or any other legally protected status. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits, training, termination, promotions or any other condition of employment or career development.