Compliance Manager at Auth0
United States of America
Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security. The mission of the Auth0 Compliance team is to provide evidence that builds customer trust in Auth0’s management of security and privacy, by obtaining relevant industry certifications and making audit information available to assist customers in satisfying their compliance requirements.

Ensure compliance with industry regulations and work with independent, external auditors to demonstrate that compliance and achieve certification
Stay abreast of industry requirements for certifications relevant to Auth0’s business
Maintain in-depth knowledge of certifications and controls such as SOC2, HIPAA, PCI-DSS, ISO27001, GDPR, NIST, 21 CFR Part 11, FedRAMP
Develop control definitions and pass criteria for compliance
Interview internal resources and review process documentation to assess compliance with established controls and identify gaps
Work with other teams to identify solutions for compliance gaps
Track compliance gaps and ensure work to remediate gaps meets deadlines
Conduct periodic reviews of policies, procedures and operations for compliance
Conduct periodic reviews of vendors’ certifications and compliance
Organize and present audit documents for review with external auditors
Create and deliver training to employees on compliance topics
Define and monitor metrics on compliance progress
Drive innovation to improve compliance effectiveness and efficiency
Meet with customers to resolve concerns related to privacy, security and compliance

Minimum 3 years work experience in compliance within the software industry
Experience with certifications such as SOC2, HIPAA, PCI-DSS, ISO27001
Experience with information security principles/practices
Experience with privacy principles/practices
Some experience with software development practices
Excellent written and verbal communication skills (English)
Passionate about security, privacy and compliance

Auth0 values diversity and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.