Job Opening | Head of Security + Compliance | Calendly - Atlanta
Changing how the world schedules
The nature of work is changing and we’re at the center of it all. Since 2013, Calendly has been on a mission to take the work out of connecting so that our customers can accomplish more.
We’re obsessed with providing an elegant, delightful experience for our customers across industries like sales, recruiting, customer success and education. This shapes how we develop, design, market, sell, support and work as a team. We treat each other with respect and understanding, put first things first and never settle. While we’re results driven, we always make time to learn, grow and have fun celebrating our accomplishments.
With our highly disruptive business model, we’re experiencing exciting growth. We’re looking for more people to join our team and help shape a product used by more than a million people worldwide.
About the opportunity
Calendly is looking for a Head of Security + Compliance to join our fast-growing team. This person will report to the Head of Business Operations and work alongside multiple departments. This role will own Calendly’s security policies, security auditing and testing programs and other key security initiatives. Our ideal candidate will be comfortable in a fast-paced startup environment.
Some challenges you’ll get to tackle
Stay ahead of the global threat landscape and the technologies used to defend Calendly’s corporate assets
Track the latest technical security innovations and stay up to date with the latest cyber security technologies
Drive change projects and build new capabilities that support a secure environment
Effectively communicate and educate Calendly employees from all functions on the purpose and vision of our security strategies
Work with leaders across all departments to help navigate through security control compliance standards (such as SOC2 and GDPR)
Respond to and help build efficient processes around security and legal related requests, contracts and questionnaires from existing customers and prospects
Create and implement a strategy for the development of information security technologies, policies and practices to secure protected and sensitive data while ensuring information security and compliance with applicable regulations
Write and test internal security related policies and procedures
Establish and iterate on system safeguards by directing disaster preparedness development as well as conducting preparedness tests
Advise senior leadership by identifying critical security issues and recommending risk-reduction solutions
Represent Calendly during third party audits
Participate in and represent Calendly on security and compliance related questions from prospective customers
Assess risks associated with current and prospective third party products and vendors
Work with engineering on developing a process for risk assessments and prioritizing security vulnerabilities
Develop and roll out practical, effective internal training programs around security and compliance across the company
Create and manage secure onboarding and offboarding processes
Collaborate with marketing on how to best share Calendly security policies externally
Evaluate and manage vendors and programs that help improve Calendly’s security and compliance posture
You should apply if you have:
Been a key member in a compliance program for a SaaS company in frameworks such as SOC2, HIPAA, GDPR, PCI, ISO 27001
Minimum of 7 years of experience in a combination of risk management, information security and information technology fields
Able to communicate and collaborate with leadership as the subject matter expert in security, while putting threats and incidents into business context
Significant experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of the business
Experience in dealing with internal / external auditors
Ability to create effective, practical, and ethical policies and procedures that address compliance controls
Self-driven and high attention to detail
Familiarity with SaaS, PaaS, IaaS providers and their impact and challenges from a compliance perspective
Fantastic written and verbal communication skills
Ability to operate in and maintain a fast pace and cadence
US Citizen or Permanent Resident (we do not sponsor at this time)
What you’ll enjoy about joining our team
Our team members' well-being is just as important to us as their work. We offer competitive salary, unlimited paid time off and flexible remote work options to help maintain work-life balance. We also provide commuter benefits, snacks, happy hours, team-building events and so many other perks!
Join a diverse workforce, leading the way in scheduling automation.