Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 1K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

RATE NOW!
- ABECA 2025
  
  RATE NOW!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Employer? Claim Account for FREE

HashiCorp

Compare

4.7

based on 14 Reviews

20 HashiCorp Jobs

Sr. Compliance Specialist

HashiCorp

4.7

based on 14 Reviews

8-12 years

Bangalore / Bengaluru

1 vacancy

Sr. Compliance Specialist

HashiCorp

posted 16hr ago

Job Role Insights

Flexible timing

Key skills for the job

Social Work Cloud Computing Automation Testing Auditing Internal Audit Compensation

+ 3 more

Job Description

About the Role

We are looking for a Senior Compliance Specialist (Security GRC) to join the Security GRC team at HashiCorp. In this role you will focus on leading efforts to execute/facilitate ongoing compliance controls and processes, including performing user access reviews, tracking gaps and remediation plans, following up on overdue security training, and others. You will also perform controls testing and internal audits, and work with teams on control rollout and validation as needed.

We are looking for a self-motivated individual who thrives in a fast-paced environment, can seamlessly drive efforts across multiple projects, and work with various stakeholders.

Security at Hashicorp is a remote team. While prior experience working remotely isn t required, we are looking for team members who can perform well given a high level of independence and autonomy.

In this role, your responsibilities will include:

Monitoring and tracking of control exceptions, if applicable, for timeliness of remediation
Monitoring and tracking of approved policy exceptions, if applicable, for upcoming expiration dates, performing outreach 30-60 dates before expiration.
Perform internal audits, including the annual ISO internal audit
Perform targeted and ongoing controls testing, and identifying opportunities for automation
Document the scope/boundaries of the compliance program (cloud accounts, repositories, Github teams, etc.) including updates, removals and additions.
Help drive the maturity of HashiCorp s Common Controls Framework
Identify opportunities to automate manual tasks, including continuous monitor of controls and audit evidence collection
Drive the initiation and completion of User Access Reviews (UARs) on a quarterly basis
Collect and report on metrics and data related to GRC processes, including access reviews and exceptions
Monitoring of Security Awareness Training (SAT) and Secure Development Training for completion, and following up on incomplete and overdue training
Support making changes to the controls framework using Github
Help develop and document minimum control test procedures for each control in the controls framework
Perform reviews of mappings in the controls framework to associated materials, such as the Security Policy, Security Exhibit, etc. upon changes being made to those materials
Support the development of audit documentation such as prep agendas, walkthrough agendas, etc.
Support and perform other GRC work and initiatives as assigned and needed

Must have qualifications

Minimum of 8 years of related professional security, risk and compliance experience
Previous experience in a cloud environment, preferably AWS and/or Azure
Advanced level knowledge either SOC 2 or ISO 27001
Comfortable working with both deeply technical and non-technical people
Flexible in daily hours (e.g., willingness to work longer hours during end of quarter and peak periods, and audit)
Highly responsive
Ability to prioritize and track multiple projects and tasks in parallel

Desired Qualifications

Experience working in a large, multi-cloud environment
Deep understanding of common security compliance frameworks, attestations and certifications
Previous experience at a technology or SaaS company in a similar role
Experience working with OSCAL

Employment Type: Full Time, Permanent

Read full job description

Prepare for Compliance Specialist roles with real interview advice