Security, Trust and Compliance Lead

August 10

Apply Now

Receive Emails with Similar Jobs

Agiloft

WebsiteLinkedInAll Job Openings

The global standard in no-code contract lifecycle management (CLM) software.

Contract Management • Customer Support • BPM • CLM • Automation

201 - 500

💰 $45M Private Equity Round on 2020-08

Description

• Maintain the security response library for RFPs using Responsive (formerly RFPIO). • Act as the primary interface for the InfoSec team in completing client security and Third Party Risk Management (TPRM) related Due Diligence Questionnaires with tailored, concise, and high-quality responses. • Manage our trust portal and ensure that the content is up-to-date and accurate. • Attend meetings with prospects and customers as the subject matter expert (SME) for security and compliance frameworks. • Act as a security liaison to support pre-sales efforts in collaboration with the Sales Team and Account Executives. • Support post-sales and implementation efforts by providing security information to the Customer Success Team. • Run Agiloft’s vendor risk management program, including reviewing and approving new vendors, conducting annual reviews of existing vendors, and managing the vendor list in Hyperproof. • Manage the risk assessment process, including maintaining a risk register and scheduling and facilitating risk meetings. • Document risk exceptions, risk acceptances or informational updates as required, track for appropriate remediation plans disclosure and provide clear and concise risk assessment results. • Other duties as assigned.

Requirements

• Familiarity with ISO 27001, SOC 2 Type 2, ISO 27701, NIST, GDPR, CCPA/CPRA, and other cybersecurity and privacy frameworks and regulations. • Experience participating in security certification audits. • Experience presenting on cybersecurity, particularly in customer-facing roles. • Knowledge of cybersecurity best practices and organizational approaches to compliance. • Excellent computer, communication, and documentation skills, including editing and proofreading. • Minimum of 3 years of experience in IT, GRC, or InfoSec. • Ability to handle moderate to deep technical security questions related to Agiloft’s SaaS products, overall security posture, and processes. • Experience communicating with technical and non-technical stakeholders to achieve meaningful security outcomes. • Meticulous attention to detail.