Find your perfect fit.

Great companies are being built by amazing teams. Come be a part of it.
At Menlo Ventures, we invest in companies that will change how we live and work. To do that, they need creative thinkers, problem solvers, builders, and business leaders. They look to Menlo for help building their teams.
Tell us more about your professional DNA to get discovered by the companies we back.

Compliance Engineer

Abnormal Security

Abnormal Security

Bengaluru, Karnataka, India · Sterling, VA, USA
Posted on Thursday, April 20, 2023

About the Role

Abnormal Security is looking for a Compliance Analyst to join the Security Governance, Risk & Compliance (GRC) team. The GRC team owns the programs related to ensuring compliance with company security policies and standards as well as customer trust (external assessments, customer questionnaires, and our Security Hub site). This role will be responsible for the day-to-day work of customer questionnaires, third-party risk assessments of Abnormal’s suppliers and vendors, and evaluating the compliance and operating effectiveness of our security controls. The ideal candidate will have experience with audit testing, reviewing SOC2 reports, and be detailed-oriented.

What you will do

  • Evaluate risk and security controls of all third-party vendors and suppliers that Abnormal uses - including initial evaluation and recurring reviews of controls
  • Responding to customer questionnaires and questions on our Security Hub trust center
  • Documenting and evaluate evidence of security controls
  • Collect and review audit evidence to support our annual SOC2 and ISO27001 audits
  • Monitoring security compliance statuses in our monitoring tools and working with control owners to remediate any open issues
  • Perform regular risk assessments within the organization and maintain the company’s enterprise risk register

Must Haves

  • Demonstrated experience with ISO27001 framework
  • Experience either having performed IT audit testing and/or managing external assessments
  • Experience working individually as well as in groups on a regular basis
  • Proven experience in risk management, compliance and/or information security
  • Proven experience working effectively with cross-functional teams
  • Deep understanding of security and compliance controls in cloud environments
  • BS degree in Computer Science, Applied Sciences, Information Systems or other related engineering field
  • 5+ years experience cyber security, information assurance, IT compliance, and/or IT audit

Nice to Have

  • Direct experience managing SOC2 and/or ISO27001 audits
  • Working with large multinational companies
  • Working in a technology company