Director, Governance, Risk and Security at Auth0
United States of America
Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

Lead the Auth0 Governance, Risk and Compliance team to provide evidence that builds customer trust in Auth0’s management of security and privacy, by obtaining relevant industry certifications, and making audit information available to customers to help them meet their compliance requirements.
Responsibilities:

Stay abreast of industry trends and requirements for certifications relevant to Auth0’s business.
Define the compliance roadmap for Auth0.
Manage a team to establish internal practices necessary for new certifications, delegate compliance responsibility appropriately. throughout the organization, and oversee the generation of ongoing evidence as part of a compliance calendar.
Ensure Auth0’s compliance with industry regulations and work with independent, third-party auditors to demonstrate Auth0’s compliance and achieve target certifications.
Deliver documentation, blogs and training to internal and external audiences on GRC-relevant topics.
Define and monitor metrics on compliance progress.
Drive innovation to improve compliance effectiveness and efficiency.
Meet with customers to resolve concerns related to privacy, security and compliance.
Requirements:

Minimum 5 years work experience in compliance within the software industry.
Minimum 5 years experience with security-related management.
Minimum 5 years experience as a people manager; experience leading a security or compliance team.
Experience with certifications such as SOC2, HIPAA, PCI-DSS, ISO27001Experience with information security. principles/practices.
Experience with identity management principles/practices.
Experience with privacy principles/practices
Excellent written and verbal communication skills (English).
Passionate about security, privacy and compliance.
Self-motivated, quick learner, fast researcher
Have experience with and are comfortable with a remote working environment.
Bachelor’s degree in a related field.
Bonus Skills:

BA/BS in Computer Science, Engineering
Experience developing, delivering and measuring effectiveness of training
Public speaking