Clari

Senior Security and Compliance Analyst

Clari

full-time

Posted on:

Location Type: Hybrid

Location: Mexico

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Cyber Security

About the role

  • Maintain and evolve policies that hold employees accountable to security and privacy best practices, while remaining practical and aligned with Salesloft’s systems and control environment
  • Conduct third party risk management activities that evaluate the security posture and controls of third party providers, including the implementation and ongoing use of third-party systems
  • Conduct security, privacy and compliance reviews as part of the software development lifecycle for the Salesloft platform
  • Work with business stakeholders to ensure security and privacy requirements are adequately considered as part of the development and delivery methodology
  • Liaise with third party auditors and internal control owners to ensure the successful completion of attestation and compliance engagements
  • Support the automation of cybersecurity risk management programs and reporting capabilities to measure and demonstrate control operational effectiveness
  • Work with various departmental control owners to identify, assess, and treat security and privacy risks
  • Respond to customer security and compliance inquiries, including customer security and privacy questionnaires, compliance attestations, and discussions on product functionality and its impact on customer environments
  • Maintenance of the public facing Salesloft trust portal
  • Participate in meetings with customer security, privacy, legal, and IT teams to address detailed security and compliance questions related to the Salesloft platform and security program
  • Create and maintain customer-facing materials that streamline the security evaluation process and proactively address common customer concerns
  • Ensure Salesloft’s security awareness training program communicates relevant content that results in meaningful learning across the employee base
  • Support the responsible adoption of AI by enabling GRC automation and partnering with business teams on AI-driven initiatives, while establishing and maintaining appropriate AI governance, risk controls, and compliance guardrails

Requirements

  • 5+ years of experience auditing and/or maintaining information security controls
  • Experience engaging directly with customers as a security subject matter expert
  • Working knowledge of ISO 27001, SOC 2 Trust Services Principles, GDPR and other common security standards
  • Experience with "defense-in-depth" principles and technology
  • Strong attention to detail and commitment to quality
  • Self-driven, autonomous and can contribute to the strategy and roadmap of the team
  • Advanced documentation, prioritization and change management skills
  • CISA or similar certification
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information security controlsthird party risk managementsecurity posture evaluationsoftware development lifecyclecybersecurity risk managementsecurity compliance reviewsGRC automationAI governancedefense-in-depth principlesdocumentation
Soft Skills
attention to detailcommitment to qualityself-drivenautonomousstrategic contributionprioritizationchange managementcommunicationcollaborationcustomer engagement
Certifications
CISAISO 27001SOC 2 Trust Services PrinciplesGDPR