This is an exciting role where you’ll be setting our strategic compliance roadmap for both domestic and international growth; driving a unified compliance framework across Smartsheet, to meet all of our compliance standards including both our commercial and government services. Your cross-company communication skills will be an asset to build cooperation throughout the company to drive change.

You will report to our Sr. Director, Engineering located in our Bellevue, WA office, or you may work remotely from anywhere in the US where Smartsheet is a registered employer.

You Will: 

Establish best-in-class Compliance programs and policies to safeguard the company and its partners. Develop, enhance, and operationalize enterprise-level compliance, and privacy policies, processes, and controls to mitigate risk and comply with applicable laws and regulations. Perform ongoing monitoring and assessment of security, risk, and privacy controls. Collaborate and build relationships with operational departments (Engineering, Internal Audit, Risk, etc.) to develop and monitor policies and standards in compliance with applicable privacy policies and regulations. Act as the primary contact for all internal and external audits (privacy, security & compliance). Identify, track, monitor, and report on security controls and all applicable security requirements. Provide recommendations to stakeholders when appropriate. Conduct regulatory training for all employees and contractors. Drive strategic hiring initiatives to build and maintain a high-performing team, fostering collaboration, diversity, and providing opportunities for growth and advancement. Promote a culture of inclusivity, collaboration, and continuous learning. Mentor members of the compliance and wider security and engineering teams with regard to compliance principals.

You Have:

Bachelor’s degree in IT/Technology or legal field. 5+ years of experience in Information Security and Data Privacy Compliance positions. Expertise with compliance standards such as NIST CSF & 800-53, ISO 27000, SOC1/2, FedRAMP, IRAP Excellent project management and process improvement skills. Demonstrated agent for change implementing control frameworks throughout an organization. Past experience in compliance-based roles for SAAS companies is an asset. Knowledge of Business Continuity Planning is an advantage.