CloudBees provides the leading software delivery platform for enterprises, enabling them to continuously innovate, compete, and win in a world powered by the digital experience. Designed for the world's largest organizations with the most complex requirements, CloudBees enables software development organizations to deliver scalable, compliant, governed, and secure software from the code a developer writes to the people who use it. The platform connects with other best-of-breed tools, improves the developer experience, and enables organizations to bring digital innovation to life continuously, adapt quickly, and unlock business outcomes that create market leaders and disruptors.
CloudBees was founded in 2010 and is backed by Goldman Sachs, Morgan Stanley, Bridgepoint Credit, HSBC, Golub Capital, Delta-v Capital, Matrix Partners, and Lightspeed Venture Partners. Visit www.cloudbees.com and follow us on Twitter, LinkedIn, and Facebook.
About the role
CloudBees, the enterprise software delivery company, provides the industry’s leading DevOps technology platform. CloudBees enables developers to focus on what they do best: Build stuff that matters while providing peace of mind to management with powerful risk mitigation, compliance, and governance tools. Used by many of the Fortune 100, CloudBees is helping thousands of
companies harness the power of continuous everything and gets them on the fastest path from a great idea, to great software, to amazing customer experiences, to being a business that changes lives. We are currently seeking an experienced professional to join our team in the role of Security Risk and Compliance Specialist to extend our compliance offering capability, CloudBees Compliance.
What you'll do
- Understand customer/user pains, industry trends, market and competitive landscape to drive product improvement and features prioritization
- Partner with design, and engineering to provide expert advice on technical aspects of technology and cyber resilience controls requirements needed to evidence compliance with industry best practice and regulatory frameworks.
- Define and create technical requirements, testing methodology, testing templates to cover industry best practice cyber and technology controls for evidencing controls operational effectiveness and hand over to the engineering team.
- Assist in the delivery of controls assessments and ensure they are reflected accurately in the product with evidence that can be accepted by Risk / Compliance and Auditors.
- Collaborate with and enable all internal stakeholders including: sales, marketing, professional services to drive corporate objectives.
- Ensure that security and compliance features are delivered on time, in accordance with the CBC product roadmap
- Knowledge of cyber security risk management with exposure to industry standards and frameworks such as FedRAMP, NIST Cybersecurity Framework, NIST 800-53, SOC II, US HIPAA, EU GDPR, PCI-DSS, Cloud Security Alliance, SOX and/or ISO2700.
- Demonstrated understanding of the techniques and methods of assessing and testing customers technology and cyber controls operational effectiveness to evidence compliance with some of the above standards e.g. as part of the audit, risk assurance, and consulting role, and security and operational compliance engineering role.
- Proven ability to engage with engineers, designers, and company leaders in a constructive and collaborative relationship
- Solid understanding of Software delivery lifecycle, tooling and processes.
- Strong knowledge of cloud and containers technologies (preferably a professional certification in a cloud provider technology (AWS, Azure, Google))
We’re invested in you!
We offer competitive benefits packages, opportunities for professional development, and more. We also offer generous paid time off to allow our employees time to rest, recharge and to be present with family and friends throughout the year.
At CloudBees, we truly believe that the more diverse we are, the better we serve our customers. A global community like Jenkins demands a global focus from CloudBees. Organizations with greater diversity—gender, racial, ethnic, and global—are stronger partners to their customers. Whether by creating more innovative products, or better understanding our worldwide customers, or establishing a stronger cross-section of cultural leadership skills, diversity strengthens all aspects of the CloudBees organization.
In the technology industry, diversity creates a competitive advantage. CloudBees customers demand technologies from us that solve their software development, and therefore their business problems, so that they can better serve their own customers. CloudBees attributes much of its success to its worldwide work force and commitment to global diversity, which opens our proprietary software to innovative ideas from anywhere. Along the way, we have witnessed firsthand how employees, partners, and customers with diverse perspectives and experiences contribute to creative problem-solving and better solutions for our customers and their businesses.