Qubole, the leading cloud-agnostic, big data-as-a-service provider, is passionate about making data-driven insights easily accessible to anyone. Qubole delivers the industry’s first autonomous data platform. The cloud-based data platform, Qubole Data Service (QDS), removes the burden of maintaining infrastructure of multiple big data processing engines, and enables customers to focus on their data. Qubole customers process nearly an exabyte of data every month. Qubole investors include Charles River, Institutional Venture Partners, Lightspeed, Norwest, Harmony and Singtel Innov8.
We are looking for a dynamic individual who is excited about applying compliance and governance needs to technology and loves the thrill of finding and solving challenges. An accomplished individual who wants to achieve great technical milestones and grow to be a security visionary.
What you'll do
- Be a policy wrangler. This will include researching, and updating security policies that comply with various compliance objectives such as AICPA Trust Principles (SOC2), ISO, HIPAA, etc.
- Maintain demonstrable compliance with industry-based information security & control frameworks (ISO 2700x, SOC2, etc.)
- Stay abreast of upcoming compliance changes that may impact Qubole and be an advocate for changes that align with the interests of Qubole and our broad set of customers.
- Work with our cross functionally engineering and product teams to advance compliance in all things we do, as a company we are all committed to doing the very best for our customers and policy and compliance is where all that commitment starts.
- Manage Qubole’s Security Awareness program to help Qubole employees understand the importance of security and compliance and why we do the things we do.
- Help ensure our compliance with various policies and control objectives and be able to spot check and find deviations that need improvement.
- Respond to security questions from external audits, customers and from our partners/vendors.
- Has experience working in a cloudy environment where assets such as systems and applications grow and compare as needed and where system assets/inventories may only be active for as little as one hour or one day.
What you must have
- Strong/comprehensive working experience with one or more other policy frameworks and regulations such as COBIT, ISO, AICPA Trust Principles and HIPAA in an implementation, or program audit capacity.
- The successful individual will have experience working with other compliance individuals and teams, customers and auditors to communicate our relevant plans, policies, and controls as well as our adherence to what we say we do.
- Ability to build relationships both internally and externally to achieve the right business results in a security-conscious way.
- Experience executing processes and controls to meet or address security risk and compliance requirements.
- Is capable of documenting and describing workflows and processes that can be followed in a fast-paced environment and which exceeds the requirements set forth in audits and necessary compliance regimes we follow.
- Is a good communicator and writer, adept at working with auditors/regulators, technical personnel (like engineers), business teams to make complex concepts clear and understandable by different audiences.
What you should have
- 3 - 5 years of experience in Information Security and Risk ManagementExperience with implementing and maintaining SOC2 and ISO 27001 compliance frameworks
- Experience with security practices in one or more public cloud services, such as: AWS, GCP, Azure and other IaaS based platforms
- Certifications nice to have -- CISA,CISM, etc
- Is capable of thinking out of the box and has a solid grounding in creating great and secure experiences
- Has or will be willing to learn Qubole and Big Data products and services
Qubole is hitting that growth inflection point where we need talented people to help us scale up. Our company culture is special, and we are looking for people to join us who want to continue building a great company while going after the big data activation market.
Culture at Qubole
Trust and Autonomy: We absolutely pride ourselves on the lack of bureaucracy at work, and believe in delegating power and responsibility, aggressively to our employees.
Transparency and Teamwork: Complete transparency in all our thoughts and actions is integral to our genetic character, and it helps us to stick together and function effectively as a team.
Who Thrives: If you are a self-starter and thrive on complexity and independence and truly understand and live the tenets of humility, hunger and honesty and you will love Qubole.
Qubole is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Qubole does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Qubole also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.