Manager, Security Trust & Compliance

KlaviyoBoston, MA
54d
Match Resume

About The Position

At Klaviyo, we're on a mission to empower creators to own their destiny. Our AI-first B2C CRM platform empowers 176,000+ brands in 80+ countries to cultivate relationships with hundreds of millions of consumers. We love solving hard problems and look for people who specialize in certain areas while being passionate about building, owning, and scaling solutions end-to-end, overcoming any obstacle in their way. We are a team of ambitious, customer-obsessed peers who are insatiably curious and meticulous in our craft. We push each other to grow beyond our comfort zone, learn new things, and work hard to ensure each day is better than the last. About this role Within our Information Security department, the Security Trust & Risk (STAR) group enables Klaviyos to take smart, disciplined risks while bolstering customer trust. To that end, within STAR, our Security Trust & Compliance team drives the following programs: Compliance operations & audits (for SOC 2, ISO 27001, ISO 27017, PCI, and SOX ITGCs) Continuous control monitoring Security policies & standards Security education & awareness Customer trust operations & enablement (e.g. security questionnaires, customer calls, trust center administration, tech partner due diligence, etc.) Identity governance (e.g. user access reviews, just-in-time access workflows, just-enough-access audits/remediation) Privacy operations in partnership with Legal (e.g. data subject requests, records of processing activities, etc.) We're seeking a highly motivated Manager of Security Trust & Compliance to lead and support a talented team of GRC practitioners to drive the continuing evolution of these programs. You'll partner closely with cross-functional teams, such as Engineering, Sales, Legal, IT, Security, Internal Audit, and more. Through all of this, you'll help Klaviyo scale securely, sustainably deliver more value for our customers, and bolster their trust in us.

Requirements

  • A strong bias toward evidence, logic, math, and reason when communicating risk (instead of fear, uncertainty, and doubt)
  • A strong bias toward "guardrails, not gates" and "paved security roads" philosophies (instead of rigid "centralized command-and-control" processes and operating styles)
  • Excellent ability to plan, prioritize, and deliver results cross-functionally and in a timely fashion
  • Proficiency discussing complex, nuanced topics with technical & non-technical audiences alike, especially software engineers
  • Strong alignment with Klaviyo's core values
  • Experience leading, developing, and managing teams of individual contributors, with an intentional focus on fostering diversity and belonging throughout the entire employee lifecycle
  • Broad and deep understanding of modern cloud-native web application architectures and related security best practices, especially in the context of AWS, Kubernetes, and AI
  • Experience implementing Compliance Automation products, such as Drata, Vanta, Anecdotes, HyperProof, etc.
  • Experience executing/leading compliance programs for SOC 2, ISO 27001, ISO 27017, ISO 27018, PCI, HIPAA, GDPR, CCPA, and NIS2
  • Experience executing/leading core governance, compliance, and trust programs, such as continuous control monitoring, security policies & standards, security education & awareness, and customer trust operations
  • Experience applying GRC Engineering principles and values in practice, especially with regard to automation, systems + design thinking, and threat-informed GRC

Nice To Haves

  • Experience with SQL, building tools with REST APIs, and Python
  • Experience implementing Identity Governance tools and processes, such as for user access reviews (UARs) and just-in-time access (JITA)
  • Experience working in security operations, security engineering, and/or security architecture roles

Responsibilities

  • Lead, support, and develop our Trust team, helping your team members with professional development, goal achievement, and partnering effectively across Klaviyo
  • Partner with STAR team leadership to plan, oversee, and drive execution of our projects and operations to ensure timely delivery of high-quality business outcomes
  • Define a compelling vision/strategy for our Trust programs to continuously improve the efficiency and effectiveness of how we drive governance, cultivate culture, uphold compliance, and bolster trust
  • Continuously seek out and prioritize high-value opportunities for the Trust team to use AI and automation to streamline our processes and eliminate toil
  • Drive cross-functional alignment between the CISO organization and partner teams to ensure Trust-related priorities are strongly aligned with department- and company-level goals/OKRs

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Manager

Industry

Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

Education Level

No Education Listed

Number of Employees

1,001-5,000 employees

Job Search Resources

Similar Manager, Security Trust & Compliance job opportunities

Security Compliance Manager
Hive
Hive • San Francisco, CA9d • $140,000 - $180,000
Compliance Manager, Customer Trust & Third Party Risk
Figma
Figma • San Francisco, NY12d • $149,000 - $288,000 • Hybrid
Enterprise Security Compliance Manager
Latham & Watkins LLP
Latham & Watkins LLP • Los Angeles, CA11d • $190,000 - $210,000 • Hybrid
Enterprise Security Compliance Manager
Latham & Watkins LLP
Latham & Watkins LLP • Los Angeles, CA10d • $190,000 - $210,000 • Hybrid
Security Compliance Program Manager
HealthVerity
HealthVerity • Philadelphia, PA8d • $90,000 - $130,000 • Hybrid
Cyber Security Compliance Manager
ThreatLocker
ThreatLocker • Orlando, FL7d • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service