The Compliance Lead will lead various security and compliance efforts in India and worldwide for Gainsight, a growing Software as a Service innovator. This person will lead audit responses, integrate purchased companies, lead vendor risk management, manage pieces of the Privacy program, and respond to customers’ security questions.
Audit response: Lead the cross-functional SOC2 audit response for India and much of the worldwide audit response. This includes substantial work with Gainsight’s external audit firm. Other security frameworks such as ISO 27001 may also be included.
Integrate Purchased Companies: If Gainsight purchases a company, manage the cross-functional project to integrate the new company into Gainsight’s controls, processes, and SOC2 program.
Vendor Risk Management: Continuously improve, lead, and execute Gainsight’s vendor risk management program. Document the process, assess vendor risks, and select and implement a tool to automate as much of the process as possible.
Privacy: Review and update Data Processing Addendums (DPAs), especially vendor DPAs and some customer DPAs. Complete Data Privacy Impact Assessments as requested by prospects/customers. Collaborate with others on the Security team to implement Privacy by Design in Gainsight’s products.
Sales Support: Respond to questionnaires regarding Gainsight’s security program from sales prospects and customers.
What we’re looking for
8-12 years of experience in Security or Privacy
2 years of experience leading cross-functional teams
Experience leading audit responses
Strong written and spoken English
Detail-oriented organizational skills
Security or Privacy certification such as CISA, CISSP, CISM, CIPP/E, or CIPM
Nice-to-have skills:
Formal experience as a Project Manager
Individuals seeking employment at Gainsight are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.