Compliance Manager at Auth0
United States of America

Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

 

Auth0 is loved by developers and trusted by global enterprises. More than 500.000 unique users visit Auth0.com each month due to our compelling content and the functionality of our identity platform. Our mission is to simplify developers' lives, improve security, and reduce identity TCO for our enterprise customers, by making identity simple, secure and extensible. We strive to maintain a welcoming and inclusive culture built on the principle of "No B.A.P." (No BS, No A-holes, No Politics).

 

The mission of the Auth0 Compliance team is to provide evidence that builds customer trust in Auth0’s management of security and privacy, by obtaining relevant industry certifications and making audit information available to assist customers in satisfying their compliance requirements.




Responsibilities:




    • Ensuring compliance with industry regulations and working with independent, external auditors to demonstrate such compliance to achieve certification of compliance.

    • Stay abreast of industry requirements for certifications relevant to Auth0’s business.

    • Maintain in-depth knowledge of certifications and controls such as SOC-2, HIPAA, PCI-DSS, ISO 27001, GDPR, FedRAMP.

    • Develop control definitions and pass criteria for compliance.

    • Interview internal resources and review process documentation to assess compliance with established controls and identify gaps.

    • Work with other teams to identify solutions for compliance gaps.

    • Track compliance gaps and ensure work to remediate gaps meets deadlines.

    • Conduct periodic reviews of policies, procedures and operations for compliance.

    • Conduct periodic reviews of vendors’  certifications and compliance.

    • Organize and present audit documents for review with external auditors.

    • Conduct internal audits to identify risks and manage risk-tracking efforts.

    • Create and deliver training to employees on compliance topics.

    • Define and monitor metrics on compliance progress.

    • Drive innovation to improve compliance effectiveness and efficiency.

    • Prepare customer-facing collateral on compliance efforts.

    • Meet with customers to resolve concerns related to privacy, security and compliance.

    • Respond to customer inquiries on compliance related matters.







Requirements:




    • Minimum 3 years work experience in compliance within the software industry.

    • Knowledge of industry cloud technologies.

    • Experience with certifications and standards such as SOC-2, HIPAA, PCI-DSS, ISO 27001, and GDPR.

    • Experience with information security principles/practices.

    • Experience with privacy principles/practices.

    • Some experience with software development practices.

    • Excellent written and verbal communication skills (English).

    • Passionate about security, privacy and compliance.

    • Self-motivated, quick learner, fast researcher.

    • Have experience with and are comfortable with a remote working environment.

    • Bachelor’s degree in a related field.







Extra Points:




    • Public Accounting/Big 4 Consulting Experience.

    • Technical information security Experience.

    • BA/BS in Computer Science, Engineering.






Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.