Security Compliance Lead
Company: Lightspark Group
Location: Los Angeles
Posted on: November 9, 2024
Job Description:
Lightspark is the easiest, most reliable, enterprise-grade
gateway to the Lightning Network, enabling money to move just like
bits and bytes do on the Internet. Lightspark services aim to be
the fastest, lowest cost, easiest and most reliable way to send and
receive payments globally using Lightning. We want to deliver open
payments for the Internet at scale and we're laser-focused on
solving real problems for our customers with best-in-class
innovative software solutions. We aim to help businesses around the
world benefit from real time payments and build amazing new
experiences for themselves and their customers. Lightspark is
headquartered in Los Angeles but serving the world.At Lightspark,
we are pioneering the future of payments by leveraging the Bitcoin
network and diving deep into the capabilities of the Lightning
Network. Our mission is to make money flow and unlock the global
opportunity.We are seeking a Security Compliance Lead to run and
improve Lightspark's technology security compliance program. This
includes driving technical projects that enhance our compliance
infrastructure. You will play a crucial role in identifying
necessary security and compliance controls in the context of our
quickly growing and evolving business and tech stack, building and
deploying policies and governance, and working with our engineering
department to implement best-in-class security practices and
long-term security strategies.This position requires strategic
thinking, hands-on execution, and the ability to work effectively
across multiple teams. The ideal candidate will have a proven track
record in compliance and policy building and adhering to the
highest security standards. An engineering background is a plus but
by no means required.WHAT YOU'LL BE DOING:
- Ensure adequate project management tracking and facilitate
communication within the program, team and other stakeholders
- Collaborate with engineering, IT, and business owners to define
program requirements, set priorities, and establish scope of
policies and programs
- Manage interdependencies across operations & projects within
the program to mitigate roadblocks to ensure critical project
delivery on time
- Develop and maintain technical policies, standards, and
guidelines aligned with organizational objectives and legal
requirements, including compliance and audit planning
- Drive improvements to our SOC 2 program, including the addition
of additional TSC and underlying design, implementation and
operating effectiveness of controls
- Manage technical audits (e.g. code audits, security audits),
SOC2 program, customer due diligence processes, and third party
risk management program, liaising directly with external
stakeholders, as well as manage the process of internally conducted
reviews and audits of our programs, ensuring compliance with best
in class security industry standards
- Program manage security related system implementations, third
party and internal, for end to end delivery.
- Design and execute security training and awareness programs for
the technical organizations as well as assist in the coordination
and delivery of other company specific trainings
- Create process improvements within the team, using data and
metrics tracking within team
- Startup Mentality: While the role is balanced on strategy,
program management, and hands-on execution, you will be expected to
act as an individual contributor when needed. We are a startup!WHAT
WE'RE LOOKING FOR:
- A minimum of 4 years of experience in security policy and
compliance for technology.
- Knowledge of industry standards like ISO 27001, NIST, or OWASP
is a plus
- Understanding of payment-related regulations such as PCI-DSS,
PSD2, and other regional compliance requirements
- Preferred certifications: PMP, CISSP, CEH, or equivalent
- Experience being flexible and thrives in fast-paced changing
problem spaces
- Excellent problem-solving, analytical, and communication
skillsLightspark is on a mission to build an open payment protocol
for the Internet at scale and therefore we're committed to creating
a more inclusive and diverse workplace to reflect the customers we
serve. We welcome interest from individuals of all backgrounds and
levels of experience who share our mission. We do not discriminate
based on race, religion, color, national origin, gender, sexual
orientation, age, marital status, veteran status, disability
status, or other applicable legally protected characteristics.We
will consider for employment qualified applicants with criminal
histories in a manner consistent with the requirements of the State
of California Fair Chance Initiative for Hiring.
#J-18808-Ljbffr
Keywords: Lightspark Group, Los Angeles , Security Compliance Lead, Other , Los Angeles, California
Didn't find what you're looking for? Search again!
Loading more jobs...