Platform.sh · Feb 8th 2021
Mission
To reinforce our commitment to customers’ privacy Platform.sh is looking for an experienced Compliance Specialist with excellent English skills eager to live in the world of GDPR, PIPEDA, and CCPA as well as participating in PCI, SOC 2, and related assessments. The role is focused on executing our Governance, Risk, and Compliance (GRC), and Privacy, programs.
You will be a part of the Compliance team under the supervision of our Security, Compliance and, Data Protection Officer. The long term objective of this team is to grow into a PrivacyOps team and we would like your help to do that.
CIPP/E or other similar certification, or the ability to become certified within 6 months of hire, is required.
Responsibilities
Do everything necessary to maintain compliance with existing standards and regulations
Implementation and monitoring of certifications and legal regulations
Monitoring of new compliance regulations/changes and taking action to avoid possible legal risks or situations where our customer data is inadequately protected
Reporting of governance activities
Management of internal and external relations and reporting (communication, information, training)
Tracking and updating our data in OneTrust
Coordinating with the Security Team to efficiently process new tool requests.
Vendor compliance management including securing GDPR Data Processing Agreements, and analyzing their internal security certifications
Performing annual vendor and corporate asset registry review
Performing Business Continuity Analyses like Business Impact Analysis, Risk Analysis, and Privacy Impact Analysis
Preparing monthly security & compliance newsletters
Compiling data for, and participating in, monthly risk management and threat review meetings
Creation and modification of documentation, policies, and training materials.
Driving closure of compliance tasks for employees
Answering compliance-related questions and questionnaires
Reviewing compliance news and assessing the impact to Platform.sh
Assist our Data Protection Officer in carrying out data protection activities
Secondary responsibilities include:
Automation of compliance tasks to reduce the internal compliance burden
Automation compliance with legal requirements (PrivacyOps)
Improvement/enhancement of our processes and tooling to provide more meaningful and actionable results
Assessing and submitting privacy and compliance-related product improvement requests
Help Platform.sh gain additional industry certifications
Minimum Requirements:
Minimum 5 years experience in the field
Highly proficient in spoken and written English
Strong analytical, multi-tasking, and documentation skills
Highly proficient with GDPR
Working knowledge of CCPA
CIPP/E or other similar certification, or the ability to become certified within 6 months of hire
Experience analyzing contracts, terms of service, privacy policies, and data processing agreements
Preferred Requirements:
Previous work experience in an international organization
Experience
Vendor Management
Creating Security Awareness and Privacy Awareness presentations
Jira
Git
OneTrust
Team Leadership
Slack
Markdown
Creating and reviewing policies and procedures
PIPEDA
BDSG
APA
SOC 2
PCI
HIPAA
ISO 27000 + ISO 27701
Cloud Technologies including AWS, Azure, GCP, OVH, and Orange
General contract law
About Platform.sh
Platform.sh is an idea-to-cloud application platform that simplifies cloud infrastructures.
We give developers the tools they need to experiment, innovate, get rapid feedback, and deliver better-quality features with speed and confidence thanks to our unique rapid cloning technology.
Platform.sh serves thousands of customers worldwide including The Financial Times, Gap, Magento Commerce, Adobe, Orange, Hachette, Ikea, Stanford University, Harvard University, The British Council, and Lufthansa.
We want people who are passionate, open, multicultural, friendly, humble, and smart to join us and help this fast-growing, award-winning company to revolutionize the tech industry.