Security Compliance Manager

About HiveHive is the leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations. The company empowers developers with a portfolio of best-in-class, pre-trained AI models, serving billions of customer API requests every month. Hive also offers turnkey software applications powered by proprietary AI models and datasets, enabling breakthrough use cases across industries. Together, Hive’s solutions are transforming content moderation, brand protection, sponsorship measurement, context-based ad targeting, and more.Hive has raised over $120M in capital from leading investors, including General Catalyst, 8VC, Glynn Capital, Bain & Company, Visa Ventures, and others. We have over 250 employees globally in our San Francisco, Seattle, and Delhi offices. Please reach out if you are interested in joining the future of AI!Security Compliance ManagerWe are looking for a highly motivated Security Compliance Manager with a deep security and compliance background to lead system development and process improvement. As part of Hive’s Security Team, you will collaborate with engineers and auditors to meet security compliance controls as well as enhance security compliance capabilities.As a Security Compliance Manager, you will oversee the execution of our Information Security program for evaluating compliance with industry standards (ISO, SOC), federal regulations, and customer contractual requirements. You will have complete ownership and accountability of programs from start to finish, aimed at improving the Hive Company personnel screening compliance and risk monitoring. The ideal candidate is comfortable interacting with both technology and business leaders across the organization at all levels. You will drive consensus among stakeholders and verify that controls are effective, or remediated to become effective.ResponsibilitiesManage Hive’s current risk management programManage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to regulatory expectationsImplement ISMS in coordination with executive and mid-level managementDevelop reports that capture key business trends, highlights, lowlights, and metrics as the compliance programs are conducted. Provide status, recommended updates, and detailed metrics and evidenceWork with Engineering and Product teams to identify process improvements and efficiencies in areas of change management, access management and general technology process controlsProvide compliance, risk, and controls expertise to support information security and compliance initiativesProtect the business by assisting with cyber security risk assessmentsMaintain awareness of industry best practices for data maintenance handling as it relates to your roleManage a comprehensive Governance, Risk and Compliance programAdhere to and champion policies, guidelines and procedures pertaining to the protection of information assetsManage external security, privacy, and compliance requirements, including both internal requirements for vendors as well as external requirements placed on HiveReport actual or suspected security and/or policy violations/breachesDefine, develop, implement, and maintain our policies and processes that enable consistent, effective privacy practices that minimize risk and ensure the confidentiality of protected information, paper and/or electronic, across all media types and comply with applicable privacy laws and regulationsSupport Hive’s security review process from beginning to end by identifying all necessary internal stakeholders based on the request (e.g., security survey, audit, review), assembling relevant and appropriate documentation, drafting responses, scheduling and leading calls/meetings, and communicating follow-up activitiesServe as a subject matter expert for information security principles and practices (especially as they pertain to vendors and cloud security), and promoting a culture of security throughout the firmInterface with staff throughout the firm to facilitate the efficient and secure use of technology servicesRequirementsBachelor's degree or related experienceMinimum 4+ years experience related to conducting risk-based assessment for information systems and/or operationsMinimum 1+ years experience running a comprehensive Governance, Risk and Compliance programMinimum 2+ years experience leading industry standard (ISO 27001 or SOC 1/2) audits from either sideStrong knowledge of applicable privacy laws (CCPA/CPRA, GDPR)Thorough understanding of vulnerability management, penetration testing, and attack simulationsExperience supporting enterprise-wide Security Compliance programs designed to anticipate, assess, and minimize control gaps and audit findingsAbility to communicate in a written and oral format to technical and non-technical audiences in a business-friendly mannerDemonstrated success in a competitive environmentHighly self-motivated and ambitious in achieving goalsStrong team player, but can work and execute independentlyDriven; no one needs to push you to excel; that’s just who you areHungry to learn and actively look for opportunities to contributeHighly organized and detail-oriented; can handle multiple projects and dynamic priorities without missing a beatWho We AreWe are a group of ambitious individuals who are passionate about creating a revolutionary AI company. At Hive, you will have a steep learning curve and an opportunity to contribute to one of the fastest growing AI start-ups in San Francisco. The work you do here will have a noticeable and direct impact on the development of the company.Thank you for your interest in Hive and we hope to meet you soon!The current expected base salary for this position ranges from $140,000 - $180,000. Actual compensation may vary depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience, and location. Base pay is one part of the total compensation package that is provided to compensate and recognize employees for their work; stock options may be offered in addition to the range provided here.

#J-18808-Ljbffr