We’re a pre-IPO company with campuses in Mountain View, San Francisco, and Atlanta. We make it easy for businesses to understand how customers interact with their digital properties so that they can improve their customer experience. We do this by giving companies on-demand access to people in their exact target market who deliver video, audio, and written feedback on websites, mobile apps, and prototypes. Over 34,000 companies, including Google, Facebook, CBS, Apple, and The Home Depot, use UserTesting to improve their user experience—and their bottom line.
What makes the difference between a website or app that’s engaging, compelling, and easy to use and one that’s frustrating, broken, and complicated? The answer is user experience. Here at UserTesting, our mission is to help our customers create great user experiences.
We are looking for a self-starter that is excited about the opportunity to build UserTesting’s IT security policies and processes from scratch. You’ll bring a desire for building and owning processes, a meticulous attention to detail, a sense of scrappiness, and diplomacy to your work.
This is a highly visible role as your main responsibilities include driving the process for compliance and certifications.
What you’ll do:
- Perform security self-assessments in accordance various regulatory standards such as SOX 404, SSAE 16, SOC2, ISO 27001 to identify and mitigate information security risks
- Communicate gaps to the executive team, develop remediation plans, and work with internal stakeholders to ensure compliance with regulations
- Identify, research, and evaluate new IT compliance requirements and determine impact to the company
- Develop, implement, and maintain IT/security policies, controls, and procedures
- Manage all vendor risk assessments and respond to security questions from our customers and vendors
- Lead security-related meetings with customers and management
- Understand the security needs of internal and external stakeholders, regulators, and auditors
- Develop a company culture that is committed to information security best practices
- Complete various security and IT operational projects as needed
- Bachelor’s degree in Information Systems, related major, or equivalent work experience
- 3+ years experience in information security or IT audit, preferably in a fast-growing startup environment
- Previous experience implementing common IT security regulations, standards and audit frameworks such as SOC 1, SOC 2, ISO 27001
- Ability to design a compliance assessment framework, request and analyze evidence, understand what practices are actually in place through stakeholder interviews
- Strong understanding of SaaS company processes, information security, and technical terminology/concepts
- Exceptional communications, interpersonal, and relationship management skills
Besides a great work environment and the opportunity to change the world, we offer competitive salary, benefits, plenty of perks, as well as stock options.