Compliance Manager
AppZen, Inc.
Tempe, AZ
AppZen delivers the world’s leading AI platform for modern finance teams. Starting with business spend, we automate manual processes, uncover problems, and optimize decision making for enterprises around the globe, including one-fourth of the Fortune 500. Our platform combines patented deep learning, computer vision, and semantic analysis with intelligence from thousands of online data sources to understand financial transactions in business context and make decisions before those transactions happen. AppZen is a must-have for CFOs and their teams to reduce spend, achieve compliance, and streamline processes.

We’ve taken off this year! Since we released our platform in 2016, over 1,500 enterprises have standardized on AppZen, including three of the top ten banks, four of the top ten media companies, three of the top ten pharmaceutical manufacturers, two of the top five aerospace companies, and five of the top ten software providers. We were a Gartner Cool Vendor last year, have been recognized as one of the fastest-growing technology companies in the market, and we just announced $50 million in Series C funding.

Responsibilities

  • Serve as the in-house security subject matter expert and respond to internal security engineering questions
  • Proactively identify security gaps in system architecture and help implement remediations
  • Drive security awareness and best practices across application engineering teams
  • Partner with the Infrastructure team to ensure cloud and information security practices are enforced
  • Design and project manage the company's compliance program, specifically driving towards SOC2 Type 1/2 and ISO compliance
  • Design, revise, and test compliance controls
  • Collaborate with legal, IT, and HR to communicate and adopt new cross-functional controls
  • Manage and report compliance-related remediation to engineering teams and executive management
  • Work with third parties to provide evidence for security controls and identify potential gaps in existing controls
  • Write security and compliance policies and perform annual audits
  • Own the responses for customer security questionnaires and RFIs
  • Help hire and build out the security and compliance team, stepping into a direct management role as the team grows

Qualifications

  • B.S. in Computer Science or related discipline
  • 10+ years of experience in the compliance, cloud, and security arena
  • A technical understanding of modern best practices for operating and deploying software in the cloud-native ecosystem (cloud providers, Kubernetes, containers)
  • An understanding of infosec and networking best practices, including encryption, SSL/TLS, and certificate management
  • Experience performing security audits and risk assessments
  • Experience managing external consultants and briefing executives on compliance progress
  • Direct experience owning and executing the compliance process to achieve at least one compliance certification. SOC2, PCI, FedRAMP preferred
  • Demonstrated organizational, planning, and communication skills across teams
  • Pride of ownership in driving complex projects to completion