Security Compliance Specialist

Available Locations: Austin, Texas; Lisbon, Portugal; London, UK
About Us
At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today the company runs one of the world's largest networks that powers trillions of requests per month. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer and named to Entrepreneur Magazine's Top Company Cultures list.
We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us!
The Team
Security Compliance is seen as a critical business function at Cloudflare. Compliance certifications allow our customers to be confident in the security and privacy of our products, while also providing frameworks for well-tuned information security management systems and programs. These standards provide clarity to Cloudflare's teams on how to incorporate security principles in the management of systems, the development of products, and the expansion of our business footprint.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. You will join as a member focused on developing and maintaining an internal control framework, aligned with security and privacy standards and internal security requirements. This team is part of Security Compliance and is part of the greater Security Team under Cloudflare's Chief Security Officer. We guarantee that you will be challenged and have room for growth on our team!
What you'll do

• Manage and oversee all security policies and standards at Cloudflare
• Develop, implement, and maintain security policies and standards to ensure compliance with industry standards and regulatory requirements, and address emerging threats and changes in the regulatory landscape
• Collaborate with cross-functional teams (e.g. Security, Engineering, IT, Legal, People) to integrate security policies into business processes and systems, and
• ensure alignment and effective risk management
• Improve the maturity of Cloudflare's Security program with a focus on our policies and controls
• Collaborate with security, risk, and compliance specialists to develop policy review and exceptions processes
• Help maintain and mature Cloudflare's security and privacy controls
• Help guide our overall security and privacy policies and governance architecture
• Have input and contribute to the overall security compliance strategy and roadmap

Examples of desirable skills, knowledge and experience

• 3-6 years working in security compliance, with a strong emphasis on developing and managing security policies
• Knowledge of Security Compliance Frameworks and previous experience managing security control frameworks
• Strong communication skills and the ability to work cross-functionally with internal stakeholders
• Experience in drafting technical policies, standards, or procedures
• Experience in auditing of network, operating system, and application security
• Familiarity with security standards and frameworks such as ISO 27000 family, SOC 2, PCI DSS, NIST 800-53
• Ability to work efficiently and independently in a fast-paced, high-volume environment
• CISA, CRISC, CISSP, CIPP, CIPM, or CIPT are a plus