[Evergreen] Head of Security and Compliance (Director Level)
Anywhere, US
Dialpad
About Dialpad
Work Beautifully
Dialpad is the leading Ai-Powered Customer Intelligence Platform that is transforming how the world works together. Based on 4 billion minutes of analyzed voice and meetings data and growing, we have designed one, beautiful workspace that seamlessly combines the most advanced Ai Contact Center, Ai Sales, Ai Voice, and Ai Meetings with Ai Messaging. More than 30,000 innovative brands and millions of people use Dialpad to unlock productivity, collaboration, and customer satisfaction with real-time Ai insights. With initial funding and leadership from Google and leading venture capitalists such as ICONIQ and Andreessen Horowitz, Dialpad has over $200M in ARR and is one of the fastest growing Ai companies in the world.
About The Role
Dialpad is looking for a strategic and experienced Director to head our Security and Compliance aka Trust team. The individual will lead efforts in the areas of corporate security, product security, infrastructure security, standards compliance, and risk management. An ideal candidate is someone who has strong knowledge and experience in leading implementations of security technologies, policies, and procedures within a corporate security environment, and can work with engineers to secure web applications, cloud infrastructure and on-prem infrastructure. As a leader in the organization you will be working across various operational and business teams such as Legal, Sales, IT, Support and Engineering in implementing and maintaining a comprehensive security and compliance program to protect our organization's data, systems, and assets while ensuring adherence to relevant regulations and industry standards. The role will report to the SVP of Engineering.
Key Responsibilities
- Lead the security and compliance team, including GRC Analysts and Security Engineers, to foster a culture of security awareness and partnership across the organization.
- Integrate security and compliance measures in the product development and deployment processes.
- Build and maintain effective security controls across the organization which meet industry standards such as SOC2, ISO 27001, ISO 27017, 27018, PCI, HIPAA, GDPR, etc.
- Plan and coordinate with executive staff across disciplines to achieve compliance with additional standards and to make adjustments as required by existing standards.
- Report regularly to executive staff and board leadership on control maturity, gaps and risks.
- Lead incident response efforts across the organization for incidents associated with confidentiality and security.
- Ensure the company stays up to date with modern security practices, attack vectors, industry trends, defensive tools and regulatory changes.
Key Skills
- At least 8 years of leadership experience in security and compliance.
- At least 4 years of experience in direct people management of individuals working within security, engineering, or IT.
- Familiarity with quantifiable risk assessment methodologies and maturity models.
- Experience implementing and monitoring security and privacy controls within an agile software company, and building automation frameworks for implementation and monitoring of controls across multiple systems.
- Experience with AICPA Trust Service Principles for SOC2, Cloud Security Alliance's Common Controls Matrix, and ISO 27001, 27017, and 27018 objectives.
- Excellent organizational and communication skills to prioritize tasks based on risk levels and communicate with different parts of the organization on the business impact of risks.
- Working with remote teams across global time zones.
Nice to have
- Bachelor's in Information Security, Information Systems, Computer Engineering or related field.
- Advanced degree or relevant certifications such as CISSP, CISM, CISA, etc.
- Experience with Google Cloud Platform for technical controls implementation and monitoring
- Experience with PCI or FedRAMP Compliance
- Experience within an IT Audit or Advisory role
Dialpad benefits and perks
Culture
We’ve been named a Top Workplace seven times, and a big part of this is because of our collaborative culture that elevates our teammates, celebrates wins, and brings together passion and talent.
Compensation and equity
Teamwork makes the dream work, and Dialpad offers competitive salaries in addition to stock options because each and every Dialer participates in our success.
Benefits, time-off, and wellness
An apple a day keeps the doctor away—and it doesn’t hurt that we offer flexible time off and great options for medical, dental, and vision plans for all employees. Along with that, employees also receive a monthly stipend to help cover your cell phone bill, home internet bill, home office equipment, gym membership costs, a variety of wellness events, and more!
Continuing education
Dialpad offers a yearly stipend for continued learning and education expenses.
Diversity, Equity, and Inclusion (DEI) at Dialpad
At Dialpad, we are passionate about Doing the Right Thing. This means we are committed to building a values-driven culture that celebrates identity, inclusion and belonging. As a global company, it’s our responsibility to come together to create a culture where all Dialers can Work Beautifully, Delight Our Users, and Innovate Continuously to bring our world-class product to life.
Every Voice Matters at Dialpad. We build community through our Employee Resource Groups, company-wide celebrations, service days, and a robust internal learning & development program focused on the success of our Dialers.
Don’t meet every single requirement? Studies have shown that women and marginalized groups are less likely to apply to jobs unless they meet every single qualification. At Dialpad we are dedicated to building an inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
Dialpad is an equal-opportunity employer. We are dedicated to creating a community of inclusion and an environment free from discrimination or harassment.
Tags: Agile Audits Automation CISA CISM CISSP Cloud Compliance FedRAMP GCP GDPR HIPAA Incident response ISO 27001 Monitoring Privacy Product security Risk assessment Risk management SOC 2
Perks/benefits: Career development Cell phone stipend Competitive pay Equity Fitness / gym Flex hours Flex vacation Gear Health care Home office stipend Team events Wellness