As our Senior Security Risk & Compliance Specialist you will drive, design, and coordinate our Security Compliance Program to ensure customer trust, and fuel PagerDuty’s expansion into global enterprise markets. You will partner across organizational teams as a Security Compliance SME, coordinating with business and technical stakeholders to meet the demands of our global market.This role is expected to come into our Atlanta office One day per month, so you can thrive in your new role and fully embrace being a Dutonian!

How You Contribute to Our Vision: Key Responsibilities

Support the Customer Trust programs, including maintaining current and accurate customer documentation to support security responses to customer questions and customer audits; partnering with internal and external stakeholders for the Third Party Risk Program around vendor on-boarding, and vendor risk assessments.  Knowledge of compliance and regulatory frameworks and processes, including aligning policies to regulatory and business requirements; help teams design controls, automation, and reports to meet compliance requirements. Administration of both general and program specific internal security education and awareness programs. Oversees information security risk assessments, directing the development and operational effectiveness of IT security controls, along with risk tracking and management. Monitor investigations and documentation of cybersecurity compliance issues and incidents. Review information security risk findings and non-compliance with business leaders and propose solutions to mitigate risks.

Basic Qualifications

4+ years of Security risk or compliance experience in a tech environment, with credible experience and demonstrable success managing regulatory and client audits in at least one of the following compliance programs: ISO27001, FedRAMP, SOC2 Background of implementing a Security Risk program Experience with security training and education program administration  Experience redlining security language for legal agreements. Ability to work on various priorities simultaneously, with a strong bias towards action.  Leveraging great written and verbal communication skills to facilitate great stakeholder management and client experience for internal and external customers.

Preferred Qualifications

Experience with Third Party Risk Management  Experience with metrics-driven reporting including dashboards and status report generation and a focus on process improvement (automation, single pane of glass, continuous improvement)  Familiarity with Cloud Native and SaaS constructs including architectures, DevOps, CI/CD, SecOps disciplines Able to support the development of program roadmaps, partnering with stakeholders in engineering, program managers and business owners to develop related project plans and timelines. Familiarity with contemporary project, RFP, risk and issue management tools (such as SecurityPal, UpGuard and Hyperproof). A good understanding of platforms such as Monday.com, Jira and Slack.

The base salary range for this position is 117,000 - 184,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits.

Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.

Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.