About Pathlock: Pathlock is a leader in application security, access governance, and compliance automation.
Our cloud-based solutions help organizations secure critical applications, mitigate risk, and enforce policies across a diverse IT landscape.
About the Role
As a Security and Compliance Specialist, you will be responsible for maintaining our security posture, ensuring regulatory compliance, and managing our GRC program.
This role requires a balance of technical expertise, regulatory knowledge, and strong communication skills to support our security initiatives across the organization.

Technical Skills Required
- Security Frameworks and Regulations: Comprehensive knowledge of ISO 27001, SOC, NIST, GDPR, and privacy frameworks
- Auditing and Compliance: Demonstrated experience conducting security audits and ensuring compliance with relevant regulations
- Data Privacy: Strong understanding of data privacy regulations and implementation of best practices
- Third-Party Risk Management: Experience managing vendor risk assessments and responding to customer due diligence requests
- GRC Tools: Hands-on experience working with and improving GRC platforms such as Drata or Vanta
- IT Infrastructure and Application Controls: Solid understanding of IT infrastructure elements including networks, operating systems, databases, and application controls

Core Competencies
- Communication Skills: Ability to explain complex concepts to technical and non-technical stakeholders
- Problem-Solving Skills: Analytical approach to identifying and resolving security and compliance issues
- Attention to Detail: Meticulous focus on accuracy and completeness in compliance documentation and processes
- Interpersonal Skills: Strong collaboration abilities with cross-functional teams and external stakeholders
- Flexibility: Willingness to support business needs across different time zones
- Organizational Skills: Excellent capability to manage multiple competing priorities effectively

Requirements

Must Have
- ISO 27001 experience as either an auditor or as part of the ISMS function
- Proficient speaking and reading English
- Practical experience working with and improving GRC tools such as Drata or Vanta
- Working knowledge of data privacy requirements
- Experience handling due diligence requests (security questionnaires and RFPs)
- Experience working with external and internal auditors

Nice to Have
- CISA (Certified Information Systems Auditor) certification
- CIPP (Certified Information Privacy Professional) certification
- Experience with cloud security certifications (AWS, Azure, GCP)
- Knowledge of additional regulatory frameworks (e.g., PCI DSS, CCPA)
- Experience implementing continuous compliance monitoring

Join our team and play a critical role in safeguarding our organization's information assets while ensuring we meet industry standards and regulatory requirements.

Why Join Pathlock?
- Opportunity to lead a cutting-edge cloud security platform.
- Work in a fast-paced, high-growth environment.
- Competitive compensation, benefits, and equity options.
- Collaborative and inclusive company culture.