Compliance Advisor (Remote)

As a Compliance Advisor at Drata, you are a customer-facing information security and compliance expert for the world’s most advanced security and compliance automation platform. Compliance Advisors execute within the Customer Success function at Drata and work closely with all teams to drive fast and smooth audit readiness programs, create and deliver best practices in meeting requirements for control and privacy frameworks, and advocate on behalf of customers’ needs for a rapidly growing platform. You’ll build trust and empathy with Drata’s customers as you advise them toward a continuous and self-sufficient security, risk and compliance posture.

This role is required to work from 9am - 6 pm Pacific Time or Mountain Time

What you’ll do:

• Advise customers in building information security policies, uploading evidence for controls and overall audit readiness as they prepare for audits and assessments against SOC2, ISO 27001/270002, HIPAA, PCI, HITRUST, NIST CSF, NIST 800-53, NIST 800-171, CMMC, FedRAMP, GDPR, CCPA, etc.
• Primarily serve as a compliance expert via live chat, in customer-facing meetings, via email and executable work for customers.
• Development and present documentation for the GRC industry best-practices and on common compliance questions received from customers for both external and internal audiences.
• Research and stay updated on major cloud providers’ services, emerging technologies in the cybersecurity space, and new and updated information security and compliance frameworks/standards and privacy standards.
• Assist in creating external training content, videos and webinars.
• Collaborate and provide feedback with the Product team in their development of a common control mapping across multiple information security and privacy frameworks ( ex: SOC2, ISO 27001, HIPAA, PCI, HITRUST, NIST 800-53, NIST 800-171, CMMC, FedRAMP, GDPR, CCPA, etc. )
• Assist with reviewing marketing articles and blog posts for accuracy, as needed.
• Assist the Sales team, as needed, with responding to prospective customer questions.
• Partnering with Customer Success and Account Managers in providing current customers with additional compliance advisory services, as needed.
• Assisting with internal GRC initiatives, such as internal audits and other compliance initiatives.
• Contribute to the ongoing internal learning and success of our team by sharing knowledge through mentorship and collaboration.

What you’ll bring:

• Minimum two years experience in helping organizations design, build, and operate out their risk, security, and compliance programs based on controls or privacy frameworks, such as SOC2, ISO 27001/270002, HIPAA, PCI, HITRUST, NIST CSF, NIST 800-53, NIST 800-171, CMMC, FedRAMP, GDPR, CCPA, or other major compliance and controls regulations and frameworks.
• Strong background and understanding of GRC (Governance, Risk, and Compliance) programs, processes, functions, and operational teams.
• Familiarly with GRC and/or cybersecurity technologies.
• While not required, previous experience at consulting, audit, and advisory firms (PwC, KPMG, EY, Deloitte, Accenture, etc.) or at GRC/cybersecurity technology companies, is preferred.
• Proven self-starter able to identify priorities, take ownership of work, and learn new compliance frameworks quickly.
• An ability to develop and cultivate positive relationships with customers.
• Desire to work at a rapidly growing startup with a team-player mindset.
• A proactive approach to managing your workload and day.
• Constant ability to iterate and improve upon existing processes.
• A strong ability to work within a high-speed and high-volume environment.

Benefits:

• Healthcare: 90-100% paid premiums for medical, dental, and vision plans for employee and dependents + on demand health care concierge
• HSA, FSA, & DCFSA: Pre-tax savings plans for healthcare and dependent care, with up to a $600 annual employer contribution to the HSA plan (if enrolled in HSA medical plan)
• 100% paid short and long term disability plus life + AD&D benefits
• Learning & Development: $500 annually towards professional development opportunities + $250 annually towards personal development opportunities
• Flexible Time Off: Flexible vacation policy for strong, fully charged batteries
• 16 Weeks Paid Parental Leave: An inclusive policy to ensure you have time with your newborn, newly adopted, or foster child
• Work Remotely: Flexible hours and work from home + $1,000 annually to cover necessary business related items for your home office
• 401K: Reach your financial goals while reducing your taxes

This role will receive a competitive base salary, variable compensation, benefits, and stock, typically in the form of Restricted Stock Units (RSUs). The applicable range of On-Target Earnings (OTE) for each US-based role is based on where the employee works and is aligned to one of 3 tiers based on the cost of labor for that geographic area. The expected OTE ranges for this role are set forth below, subject to change. 

Tier 1: $93,500 - $115,500

Tier 2: $84,150 - $103,950

Tier 3: $74,800- $92,400

You can view which tier applies to where you plan to work here. A variety of factors are considered when determining someone’s leveling and compensation–including a candidate’s professional background and experience. These ranges may be modified in the future and final offer amounts may vary from the amounts listed above.