About the Team:
Sift is looking for an experienced Compliance Specialist to join our small, but mighty Legal & Compliance team. You will report to our VP, Legal and Compliance, and work closely with our Security Engineering function to accomplish our company’s security-related and data protection compliance objectives. We’re a team that aims to execute quickly, but thoughtfully, always balancing risk with business objectives.
What We’re Looking For:
We’re looking for a self-starter who will drive our compliance efforts and risk management programs. This includes being our policy go-to: researching, developing, writing and updating security and related policies that align with various compliance and security objectives, such as SOC 2 and PCI (or other initiatives you advise the company to take on). You’ll keep up-to-date on upcoming compliance changes that may impact Sift and be a (pragmatic) advocate for changes that align with the company’s goals.
What you’ll do:
- Lead and drive our compliance efforts, building and cultivating positive working relationships across departments and advising on the compliance roadmap.
- Lead and further develop our risk management program, including working with other departments, such as Security Engineering, IT, Legal, and HR, in annual compliance audits and preparing assessment and audit documentation for regular reviews.
- Regularly conduct internal audits to track adherence and perform gap assessments to track compliance readiness.
- Develop, update and maintain security policies, procedures and methodologies.
- Assist with completing security questionnaires from customers and answering customer questions with respect to compliance; work with the marketing team to create customer collateral to educate internal staff and aid in the sales process.
- Work closely with our Security Engineering and Product teams to ensure our products are validated against compliance standards (e.g., SOC 2 Type II).
- Manage vendor security reviews and perform vendor risk assessments.
- If you have strong EU data protection knowledge and credentials, you could potentially serve as our data protection officer.
What would make you a strong fit:
- Bachelor's degree
- 4+ years in compliance, including writing security policies/procedures and risk assessment
- Advanced compliance knowledge (SOC 2 Type II, PCI); experience in broader data protection is a plus.
- Experienced in organizing, documenting, tracking and executing projects
- Professional certifications in security, privacy risk management, and audit areas are a plus, such as CISSP, CIPP, or CISA.
- A great teammate with a sense of humor!
A little about us:
Sift is the leading innovator in Digital Trust & Safety. Hundreds of disruptive, forward-thinking companies like Airbnb, Zillow, and Twitter trust Sift to deliver outstanding customer experience while preventing fraud and abuse.
The Sift engine powers Digital Trust & Safety by helping companies stop fraud before it happens. But it’s not just another anti-fraud platform: Sift enables businesses to tailor experiences to each customer according to the risk they pose. That means fraudsters experience friction, but honest users do not. By drawing on insights from our global network of customers, Sift allows businesses to scale, win, and thrive in the digital era.
Benefits and Perks:
- Competitive total compensation package
- 401k plan
- Medical, dental and vision coverage
- Wellness reimbursement
- Education reimbursement
- Flexible time off
- Catered meals
Sift is an equal opportunity employer. We make better decisions as a business when we can harness diversity in thought, experience, data, and background. Sift is working toward building a team that represents the worldwide customers that we serve, inclusive of people from all walks of life who can bring their full selves to work every day, so we can Win as One Team.