Senior Security Trust & Compliance Analyst (GRC Analyst)
At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.
As a Senior Security Trust & Compliance Analyst at Klaviyo, you’ll work across the organization to support and mature our customer security questionnaires and internal security audits, both of which provide assurance to our customers while also enhancing the overall security of Klaviyo. You’ll work on translating security concepts for your fellow Klaviyos and bolster security culture throughout the company, including by helping drive our security awareness and training, phishing testing, and internal security Q&A programs. This is your opportunity to take an active role in cybersecurity, applying and growing your expertise in security automation, risk analysis, control design, audit management, modern SaaS platform architectures, and many domains of information security (just about all of them!)
What you’ll be doing
- Automate and streamline our Trust & Compliance workflows, including control testing, evidence collection, identity governance, and security Q&As for employees and customers, with a penchant for creating excellent self-service experiences
- Own internal and external audits or examinations preparation; coordinate with stakeholders to ensure control evidence is appropriate, and develop action plans to correct findings/exceptions.
- Develop our security awareness programming, including creation of role-specific education, phishing training, and continuous education.
- Mentor and train other junior members of the team
We’d love to hear from you if you have most of the following:
- Experience with GRC engineering or security automation in general
- Experience owning or implementing security and privacy compliance programs such as SOC 2, ISO 27001, ISO 27017, ISO 27018, ISO 27701, CSA STAR, GDPR, CCPA, SOX, etc.
- Knowledge of various enterprise SaaS applications, cloud infrastructure such as AWS, modern software engineering practices/tools, databases, operating systems, secure network design, and other technology relevant to cybersecurity
- Excellent interpersonal and communication skills and the ability to form relationships with internal and external teams.
Bonus points if you have any of the following:
- Experience contributing to security audit programs and working with internal and external auditors
- Familiarity with compliance automation tooling
Everyone on our team needs to have the following:
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Solutions oriented mindset
- Excellent verbal and written communication
- Working collaboratively inside and outside your direct team
- Strong alignment with Klaviyo’s core values
The pay range for this role is listed below. Sales roles are also eligible for variable compensation and hourly non-exempt roles are eligible for overtime in accordance with applicable law. This role is eligible for benefits, including: medical, dental and vision coverage, health savings accounts, flexible spending accounts, 401(k), flexible paid time off and company-paid holidays and a culture of learning that includes a learning allowance and access to a professional coaching service for all employees.
Get to Know Klaviyo
We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.
Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.
You can find our Job Applicant Privacy Notice here.