Job Description
**Job Summary:** Secure the internet and protect consumer data as a Subject Matter Expert, GRC at Vanta, a leading compliance and security company. At Vanta, our mission is to secure the internet and protect consumer data. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Our Security team uses our own Security and Privacy GRC experience to meet customer demand to help grow our market share as the industry leader in compliance and security. **Job Description:** As a Subject Matter Expert, GRC at Vanta, you will be a highly visible, customer-facing leader within Vanta's Security team, responsible for representing Vanta's Trust Management Platform to prospects and customers, as well as having a role in collaborating with internal teams to help drive and implement new features in the product. **Key Responsibilities:** * Oversee the work of the team and help SME's align projects with the organization's strategic direction * Track the team's performance and report KPIs and metrics to security team leaders * Partner with the Vanta's Sales and Customer Success teams to represent Vanta's Trust Management Platform to prospects and customers * Engage with executives and sr. staff at prospect and customer organizations to establish relationships with customer's Security and Compliance points of contact * Become an expert on the security features available for customers to deploy within Vanta, including best practices for implementation * Use your expert knowledge of compliance frameworks like SOC 2 and ISO 27001 to advise customers regarding questions about scoping, policy creation, detailed control requirements and security best practices * Collaborate with Vanta's GTM team to improve processes to enable faster and more seamless experiences for our customers * Coordinate with cross-functional teams to provide customers with meaningful updates on features and programs * Identify requirements that would enable additional customer use cases and drive implementation of customer requirements with relevant stakeholders * Provide input and feedback on the development of security and GRC product features for Vanta's customers * Answer prospect questions about Vanta's own security and compliance practices * Answer questions for internal stakeholders about security and compliance **Requirements:** * Experience working with security and privacy frameworks, including SOC2, ISO 27001, ISO 27701, Fed RAMP, HIPAA, GDPR, CCPA * Demonstrable expertise in SOC 2 or ISO 27001 at minimum * Experience managing people * Experience working and interfacing with C-level customer contacts * Technical expertise to understand and explain security and GRC concepts * Familiarity with Cloud Infrastructure, Version Control Systems, Risk Management, Vulnerabilities, and their related security processes * Experience in building productive relationships and driving collaboration with both technical and non-technical teams * Knowledge of the cybersecurity audit process * Public accounting experience preferred, but not required * Security compliance management experience within a SaaS environment preferred, but not required * Sales Engineering or Technical Support experience preferred, but not required * Security certifications (e.g. CISA, CISSP, CIPP/E) and/or formal education strongly preferred, but not required