Security Trust & Compliance Program Manager

At Everlaw, our mission is to promote justice by illuminating the truth, and we’re changing the way that legal teams at law firms, corporations, government agencies, and nonprofits find the information they need to achieve their truth-finding goals.

We are looking for a dedicated and experienced Security Trust and Compliance Program Manager to enhance and manage our security trust and compliance programs. Our Security Trust and Compliance Program is pivotal to Everlaw’s continued topline revenue growth: more than ever, an organization’s security and compliance posture and robustness is a key factor in a customer’s buying decision. As the Security Trust & Compliance Program Manager, you will collaborate with our corporate IT, engineering, legal, and GTM teams to stay ahead of the curve on security, compliance, and risk regulations and trends. The ideal candidate has a strong background in information security, compliance, and risk management, along with exceptional project and program management skills.

Our company culture is open and vibrant and we’re committed to the professional growth of our team members, offering an annual learning and development stipend and regular check-ins with managers regarding career goals. If you’re looking for a place that values passion, integrity, thinking big, and a desire to learn, we’d love to hear from you! Think you’re missing some of the skills and are hesitant to apply? We do not believe in the ‘perfect’ candidate and encourage you to apply if you feel you can bring value to our team.

Getting started

• We want you to feel like part of the team early on! Our onboarding process will integrate you into the company with informative sessions on our product, policies, processes, and team structure and goals.
• We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and uplevel the team, but we don’t expect you to know everything on Day 1.

In your role, you'll...

Program Management

• Develop, manage and support comprehensive security trust and compliance programs, working closely with our legal team, security engineering team, and other stakeholder teams.
• Define and manage program goals and objectives under leadership’s guidance, and in alignment with company objectives.
• Create and maintain detailed program documentation, including policies, procedures, and guidelines.
• Implement and track key performance indicators (KPIs) to measure the effectiveness of security trust and compliance programs.
• Work independently to identify and execute program management activities, document plans and report updates and/or challenges.

Compliance & Trust Program Coordination and Support

• Lead, execute and manage Everlaw’s security and privacy training awareness programs.
• Identify and manage security risks and vulnerabilities, and collaborate with the Security Engineering and Corporate IT team to track remediation efforts.
• Assist the GRC team in performing security risk assessments and developing mitigation strategies.
• Lead Everlaw’s annual cybersecurity insurance renewal process in collaboration with Finance, SecEng, IT, and other teams.
• Lead Everlaw’s annual security and operational policies and procedures update initiative in collaboration with Finance, SecEng, IT, and other teams.
• Support Sr. Compliance Program Managers and Trust Program Manager to help drive program maturity.
• Coordinate preparation of metrics, status updates, and provide timely updates to the SMT (Security Management Team), SLT (Security Leadership Team), Sales leadership, and other management groups.
• Develop and deliver security trust reports, metrics and dashboards for management.
• Perform annual vendor security and privacy risk assessments,
• Support Trust Program Manager to develop customer facing materials and understand customer needs.
• During the busy season (quarter end, year end) time frame, assist with customer RFI work.
• Support compliance and customer security audits and assessments, providing necessary documentation and support.
• Assist the GRC team with other ad hoc and as-required tasks.

About you

• You have a Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field.
• You have 2- 3 years of experience in information security, compliance, or risk management.
• You have 1-2 years of experience managing security and compliance programs.
• You have strong data analytics skills

Pluses:

• You are familiar with security frameworks and standards (e.g., ISO 27001, NIST, SOC 2).
• You possess one or more cybersecurity-related certifications (e.g., CISSP, CISM, CRISC, CISA).

Benefits

• The expected salary range for this role is between $145,000 and $170,000. The final offered salary will be dependent upon many factors including the candidate’s experience and skills. The base pay range is subject to change in the future
• Equity program
• 401(k) retirement plan with company matching
• Health, dental, and vision
• Flexible Spending Accounts for health and dependent care expenses
• Paid parental leave and approximately 10 days (80 hours) per year of sick leave
• Seventeen paid vacation days plus 11 federal holidays
• Membership to Modern Health to help employees prioritize mental health and wellness
• Annual allocation for Learning & Development opportunities and applicable professional membership dues
• Company-sponsored life and disability insurance
• Find out more about our Benefits and Perks

Perks

• Flexible work-from-home days on Tuesdays and Fridays
• Monthly home internet reimbursement
• Select your preference of hardware (Mac or PC) and customize your desk setup
• Enjoy a wide variety of snacks and beverages in the office
• Bond over company-wide out-of-the-box events and fun activities with your team
• Time off for company-sponsored volunteer events and 4 paid hours per quarter to volunteer at a charitable organization of your choice
• Take advantage of learning and career development opportunities
• Ranked #9 on Glassdoor's Best Places to Work 2023 for US small and medium companies
• One of Wealthfront’s 2021 Career Launching Companies, and ranked #2 on the “2022 Bay Area Best Places to Work” list by the San Francisco Business Times and the Silicon Valley Business Journal
• One of Fast Company’s World's Most Innovative Companies for 2022 and proud contributor of free ediscovery resources to benefit the greater good through “Everlaw for Good”
• #LI-JD1
• #LI-Hybrid