FreshBooks has an ambitious vision. We launched in 2003 but we’re just getting started and there’s a lot left to do. We're a high-performing team working towards a common goal: building an elite online accounting application to help small businesses better handle their finances. Known for extraordinary product and customer service experiences, FreshBooks is based in Toronto, Canada, has offices in Raleigh, Amsterdam and Croatia, and serves paying customers in over 120 countries.
What you’ll do:
FreshBooks handles some of people's most important information… their financials! The Privacy and Compliance Specialist at FreshBooks maintains the confidentiality, integrity, and availability of information that flows through FreshBooks. To do that you’ll be auditing what we’ve done, analyzing what we’re doing, and advising the organization on the best practices that the future will require from Security Governance, Risk, and Compliance (GRC). Make no mistake about it, this role owns Security GRC at FreshBooks and partners with others inside and outside the organization to make sure we continue to be great custodians of information and maintain Trust (our core value) inside and outside the organization.
- Maintain our PCI-DSS compliant environment by facilitating administrative requirements and annual audits with QSAs.
- Position the organization for smooth adoption of future legislative and compliance requirements
- Prepare compliance audit data by compiling and analyzing internal and external information
- Partner with other departments, 3rd parties, and auditors to get work in support of compliance done
- Provide security governance through implementing systems, procedures, and policies; completing projects in support of enhancing our security posture
- Enhance organizational reputation and help others by owning compliance
- Answer questions and work to satisfy compliance and business needs, at times advising management on needed actions
What you'll need:
- Experience as an auditor, consultant, and/or advisor for PCI-DSS requirements
- Experience as a Security Governance, Risk Management, and Compliance (GRC) advisor
- Experience in managing relationships with PCI Qualified Security Assessors (QSA) and external auditors
- Strong reading, reasoning, and communication skills
- A collaborative and agile approach to risk and compliance management
What you may have:
- Demonstrated knowledge of information technology security, trends, leading practices, regulatory and industry standard compliance issues (PCI-DSS, ISO 27001, SOC 2, HIPAA, and others)
- Experience with privacy regulations and principles such as GDPR, CCPA, PIPEDA, etc.
- Specific experience with SaaS applications hosted on public cloud (e.g. AWS, GCP, Azure)
- Experience performing risk analysis and mitigation strategies
- Experience managing security awareness training
- Experience managing and handling security incidents and responses
- Experience in developing policies, procedures, and processes for Information Security best practices
Why Join Us
We're an ambitious bunch, with our eyes laser-focused on shipping extraordinary experiences to small business owners. You will be surrounded by hardworking team members who share a common vision for what an amazing software company could be, and have the opportunity to help build an elite one, right here in downtown Toronto.
Have we got your attention? Submit your application today and a member of our recruitment team will be in touch with you shortly!
FreshBooks is an equal opportunity employer that embraces the differences in all of our employees. We celebrate diversity and are committed to creating an inclusive environment for all FreshBookers. All applicants are evaluated based on their experience and qualifications in relation to this position.
FreshBooks provides employment accommodation during the recruitment process. Should you require any accommodation, please indicate this on your application and we will work with you to meet your accessibility needs. For any questions, suggestions or required documents regarding accessibility in a different format, please contact us at phone 416-780-2700 and/or firstname.lastname@example.org.