Senior Security and Compliance Manager

Job Title: Senior Security and Compliance Manager
Company: Snapsheet
Job Location: Remote
Job Type: Full-time

About Snapsheet:Snapsheet exists to simplify claims. We leverage our expertise in virtual estimating and innovative claims management technology, transforming the end-to-end claims process - delivering faster, modern experiences for claims organizations of all sizes.

Role Overview:As theSenior Security and Compliance Manager, you will take full ownership of Snapsheet’s compliance function, ensuring our security framework scales effectively as we grow. This role is a critical part of our IT and security team, responsible for managing audits, strengthening security controls, and overseeing compliance training programs. You will work closely with department leadership to maintain and enhance security standards while driving compliance with key frameworks such as SOC 2, ISO 27001, and GDPR.

Responsibilities:

Compliance & Audit Management

• Lead the execution ofSOC 2 audits and oversee futureISO 27001 compliance efforts.
• Lead implementation of Snapsheet's Data Privacy Policy based on GDPR.
• Conduct internalsecurity and compliance audits, identifying risks, escalating issues, and implementing corrective actions.
• Manage client-facing security reviews, responding to due diligence questionnaires and providing audit evidence to external auditors.

Security Program Development

• Shape Snapsheet’ssecurity posture, evolving compliance programs to meet the increasing complexity of operations.
• Build ascalable and robust security framework, ensuring compliance with industry best practices.
• Oversee IT security tasks and align them with compliance requirements.
• Monitor and improveSLAs for security incidents, ensuring timely resolution of compliance gaps.

Training & Collaboration

• Assist in management and continuous improvement of compliance training.
• Collaborate withlegal, procurement, and IT teams to integrate vendor security into the vendor lifecycle.
• Work closely with leadership to enhance security initiatives and scale programs as Snapsheet grows.

Qualifications:

Required Skills & Experience

• 6+ years of relevant professional experience.
• 2+ years managing compliance programs forSOC 2, ISO 27001, GDPR, or similar frameworks at asoftware company with 100+ employees.
• Proven track record ofleading SOC 2 audits from start to finish, including meetings and providing evidence to auditors.
• Strong IT skills, including experience inmonitoring, networking, and mobile device management, with a focus on security.
• Ability to manage and improve compliance processes, includingtracking training programs, running penetration tests, and conducting routine internal audits.
• Strongprogram management and organizational skills, with experience coordinating cross-functional stakeholders and managing security reviews.

• Bonus Certifications such asGSEC, CRISC, CIPM, CISM, or ISO 27001.

What you’ll get:

• Remote working environment - your new commute is however long it takes to walk to your desk!
• Flexibility - empathy is ingrained in who we are and we are happy to offer a flexible PTO policy, casual dress code, and more!
• Development - Mentorship programs, 1-on-1 management, promote when ready culture, quarterly internal promotion opportunities, and goal setting sessions.
• Fun - Celebrations just because, yearly in-person and remote events, Snapsheet Swag, Employee Resource Groups, and more!

Total Benefits:

• Medical, dental and vision insurance through Blue Cross Blue Shield
• Unlimited PTO
• 4% 401k match program
• Monthly internet stipend
• Employee Assistance Program: offers 6 visits with trained counselors per life incident
• Yearly in-person events including our annual Summit and Roadshows
• Computer and equipment provided
• Snapsheet SWAG and mailers
• Unlimited opportunity for career growth, learning and company impact
• Macbook Pros with dual displays
• Open Hack Days twice a month

*Please note that we are unable to sponsor applicants for work visas for this position at this time.

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply for jobs unless they meet every single qualification. At Snapsheet, we are dedicated to building a diverse, inclusive, and authentic workplace, so if you’re excited about this role but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways.

Snapsheet is an equal opportunity employer.