Trust & Compliance Lead

Mexico City, Mexico

Job description

BetterCloud is the market leader for SaaS Operations, enabling IT professionals to transform their employee experience, maximize operational efficiency, and centralize data protection. With no-code automation enabling zero-touch workflows, thousands of forward-thinking organizations like Oscar Health and Cloud Factory now rely on BetterCloud to automate processes and policies across their cloud application portfolio.

With 10+ years of experience pioneering the SaaS Operations movement, BetterCloud now serves the world’s largest community of SaaSOps experts. As host of Altitude, the industry’s leading SaaSOps event, and publisher of The State of SaaSOps Report, the category’s definitive market research, BetterCloud is recognized by customers (G2) and leading analyst firms (Gartner and Forrester) as the market leader in SaaS Operations. 

This role is based out of our exciting Mexico City Office, our first office outside of the US. BetterCloud has a large presence in New York City and Atlanta, GA, as well as innovation hubs & remote talent across the U.S. BetterCloud is backed by, among others, some of the best technology investors: Vista Equity Partners, Warburg Pincus, Bain Capital, and Accel.

We’re looking for a Trust & Compliance Lead who is a practical and effective partner to the commercial and technology teams and wants to have some fun while tackling challenging - but rewarding - compliance questions. Do you like to work in a fast-paced and results-oriented environment? Are you a problem solver that can explain complicated concepts in a simple way to various stakeholders (do you like to use pop culture metaphors to help illustrate the point)? Do you have broad experience with security compliance audits? Do you love (or at least don’t hate :D) reviewing and completing security questionnaires from prospects and vendors (these deals don’t get done without you!)? Do you like cookies (we love desserts and they do come up almost every day)? If so, joining BetterCloud’s growing team might be the perfect fit for you!

In this role you will report to our VP of Legal & Compliance and partner very closely with our security, IT, the cross-functional security audit, and the legal, sales and renewal teams. You will provide support to our sales and customer success teams and handle the trust & compliance pieces of our procurement function. You will also assist the rest of the team with various security, privacy, product, risk management programs and other strategic initiatives.




About You:

  • At least 3-5 years of experience with information security governance, risk, and compliance or cloud services and architecture
  • At least 3-5 years of experience at a SaaS company 
  • At least 1-2 years of hands-on SOC 2 and ISO 27001 audit experience, preferably leading the audits and working directly with external auditors 
  • Strong understanding of the controls in compliance frameworks such as SOC 2, ISO 27001, and NIST, and how to implement and maintain the controls
  • Mindset of ‘strive to delight’ for the customers served -- both internal and external. Looking for ways to streamline processes and fulfill security requests quickly. 
  • Self-driven and directed, knows how to prioritize responsibilities on a regular basis
  • Excellent negotiation capabilities
  • English is the business language of BetterCloud. Candidates are required to have TOEFL proficiency or equivalent.
  • Ability to travel to our offices in the United States
  • Willingness to work out of our Mexico City Office at least 3 days per week

What You’ll Do

  • You will be our first trust and compliance lead in Mexico City, and we’ll look your way for guidance along the way. You will lead and manage the trust and compliance function at BetterCloud, including owning the SOC 2 and ISO 27001 audits, policies, procedures, and risk management program. This includes representing BetterCloud during the annual third-party audits as well as creating, owning, and enforcing new and established security controls
  • You will lead and manage the SOC 2 and ISO 27001 audits, work directly with our external auditors, collect evidence, and coordinate with internal stakeholders.
  • You will also manage the annual security compliance calendar, including managing the risk register and developing, maintaining, or enhancing the compliance-related policies and procedures
  • Lead the Information Risk Council and work cross functionally to improve overall security, maintain confidentiality, and effectively manage risks to protect the sensitive information and assets of the organization.
  • Represent BetterCloud and collaborate with the Sales Team, the Success Team, and department leads during the sales cycle & onboarding processes with our customers and third-party vendors, including reviewing and responding to prospects’/customers’ vendor security questionnaires and reviewing responses to security questionnaires from our vendors
  • Review and help draft public-facing statements on product-specific privacy, compliance and security measures and features (such as our security and compliance page and whitepaper)
  • Conduct periodic internal reviews to ensure that compliance procedures are followed
  • Assist with coordination and recording internal investigations of compliance issues
  • Assess product, compliance, or operational risks and develop risk management strategies for assigned areas
  • Assist with annual staff training on the company security practices and policies as well as during employee onboarding
  • Support the growth of the trust and compliance programs, including against existing legal requirements (e.g., GDPR, CPRA/CCPA), and third-party standards and frameworks (e.g., Privacy Shield, SOC 2 and ISO 27001)

Goals

In your first week, you will have…

  • completed our 4-day universal onboarding program, BetterBeginnings 
  • met with your manager 1:1
  • met your team
  • gained access to the tools and resources necessary to be successful in your new role 

In your first 30 days, you will have…

  • a lot of questions, but the whole team is here to answer all the questions and make sure we succeed together. Don’t worry, we all remember what it felt like to be new to the team. We’re here for you.
  • completed your department’s functional onboarding program
  • met and collaborated with your team
  • identified projects and tasks that you’ll dive into moving forward
  • started getting familiar with our security compliance program
  • worked with the cross-functional team to understand how controls have been implemented
  • worked with the team to review customer documents and questionnaires

In your first 60 days, you will have…

  • started working on customer security questionnaires independently
  • started working on vendor security documentation independently
  • started owning the SOC 2 and ISO 27001 audits and related work

What We Offer

  • Hybrid work model with up to 2 days per week working from home*
  • Generous PTO policy plus paid mental health days
  • Seguro de Gastos Médicos Mayores, Seguro de Asistencia Médica, Vision Insurance, Dental Insurance, Life Insurance and dedicated mental health resources
  • Financial wellness support and one-time WFH stipend
  • Plus more… Think events, killer swag, and a strong BetterCloud Community!


At BetterCloud, we believe that our employees' gender identity and expression, race, ethnicity, religion, origin, sexual orientation, physical or mental disability, age and other characteristics enrich our corporate culture and our workplace. That’s why we have a mission to foster a culture at BetterCloud that empowers, celebrates, and values our differences, allowing us to bring our true selves to work. DEI&B is core to who we are and what we do. From an employee-led Diversity Council empowering our differences, to multiple Employee Resource Groups (ERGs) creating a strong sense of belonging, to frequent outside speakers focusing on DEI&B topics, our commitment to DEI&B is non-negotiable. BetterCloud is an equal opportunity employer and will continue to empower, celebrate and value our differences in order to grow community, safety and trust in our work environment. Join us and be part of an organization that celebrates and respects diversity. If you are interested in knowing more about our DEI&B efforts, please visit our website: https://www.bettercloud.com/diversity/
