Security and Compliance Manager

About us
At Udemy, we're on a mission to improve lives through the power of learning. We're a leading global learning company and one of the world's largest education platforms, with more than 57 million learners. Our goal is to provide flexible, effective skill development to empower organizations and individuals.
Talented people are everywhere, and the right opportunity can be hard to come by. That's why we're focused on revolutionizing learning, using our skills and expertise to help others develop theirs and reach their full potential. Individually, we bring our unique perspective to reimagine the way we share knowledge. Together, we can improve lives by making learning more accessible for our learners, our instructors, and businesses around the world.
Udemy is headquartered in San Francisco with global offices in Australia, India, Ireland, Türkiye, and the US. Learn more on our company page .
About you
You're an analytical problem-solver ready to put your skills toward purposeful work that has a global impact. You want to lead the way in innovation, exploring the latest technologies and finding new solutions. You thrive in a collaborative environment and are eager to work with and learn alongside the best in Product, Design, and Engineering.
About this role
The Security and Compliance Manager is responsible for Control framework compliance oversight and execution of governance activities. The selected candidate will prioritize and track security and compliance risk issues, guide internal and external stakeholders on mitigation, identify risks that increase loss probability, and communicate the posture to the Leadership team. The candidate will act as a subject matter expert for Security Governance, Risk, and Compliance.
What you'll be doing:

• Consult with business stakeholders and leadership teams to translate compliance and security requirements into action plans.
• Prepare or assist with responses to a prospective customer and business partner RFPs and questionnaires.
• Prioritize remediation of weaknesses discovered during internal and external audits.
• Educate Peers and Stakeholders on compliance obligations and regulatory impacts from changes in business operations.
• Partner cross-functionally with team members, consult and inform leadership.
• Coordinate internal and third-party audits.
• Consistently deliver on multiple projects and goals simultaneously.
• Understand how different technology, systems, processes, teams, departments, etc., fit together and interact.
• Assist developing, delivering, and reporting security awareness training compliance.
• Collect and analyze audit evidence from Business, and IT teams to support continuous compliance.
• Perform third-party due diligence, and monitor third-party services and applications used by Enterprise personnel.

What you'll have :
Bachelor's degree or equivalent work-based experience is required.

• Experience performing audit functions in a hybrid computing environment (On-premises, IaaS, PaaS, etc.).
• Must have 3-5 years of operational experience contributing to internal and third-party risk assessments.
• Project management experience preferred.
• Must have experience performing audit functions in a regulated environment requiring compliance with standards and regulations such as PCI-DSS, SOC/TSC, Sarbanes-Oxley, GDPR, and FedRamp.

We understand that not everyone will match each of the above qualifications. However, we also realize that everyone has unique experiences that can add value to our company. Even if you think your background might not perfectly align, we'd love to hear from you!
Life at Udemy
We aspire to be as vibrant and dynamic as the communities we serve, as inquisitive as those who use our platform, and as revolutionary as the future we strive to open for everyone. Here are some of the things we love about life at Udemy:

• We're invested in creating an inclusive environment that welcomes a diverse range of backgrounds and experiences . From creating employee resource groups, ensuring we're a Fair Pay Workplace, and building a flexible work culture, our belonging, equity, diversity, and inclusion (BEDI) initiatives always put our people first. We want you to be able to bring your authentic self to work because when we all do, we're better for it.
• Learning is what we do - inside and out. Our Learning & Development team is second to none, helping ensure your journey is one of continuous progression. You'll also have unlimited access to Udemy courses, monthly UDays (meeting-free professional development days), and a generous annual professional development stipend.
• Our reason to exist is to revolutionize learning - that calls for taking risks and learning from failures. Whether it's our hackathons (a company-wide effort to envision new possibilities for our product) or sharing our prototypes, we see experimentation as a crucial step on the path to success.
• We're committed to creating world-class employee experiences and are proud of the recognition of this by Great Place to Work. Learn more about our certification here and find out what it's like to work at Udemy on our blog .

Of course, the best thing about being part of Udemy is knowing your work makes a difference for people and organizations around the world. You've got the skills; why not use them to help others develop theirs?
At Udemy, we value diversity and inclusion and consider qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability. We will consider for employment qualified applicants with arrest and conviction records.
Udemy benefits:
Eligibility: Regular, full-time employees are eligible for Udemy's benefit programs.
Health plans: Medical, dental, and vision coverage (100% coverage for employee-only).
HSA/FSA/Commuter: Pre-tax savings/spending plans available; generous HSA employer contributions for those enrolled in the HDHP medical plan.
Life/Disability: Employer-paid life insurance (supplemental available), in addition to short-term and long-term disability.
Retirement: Access to 401(k) with annual employer contribution.
Wellbeing: Corporate memberships for meditation and mindfulness, therapy and coaching, financial planning, primary care, tele-health, health advocacy, parent/newborn support, and employee discounts.
Education: Free access to the entire course library on the Udemy and Udemy Business platforms; annual stipend for external learning beginning at six months of employment.
Charitable matching program: Employer match of monetary contributions to eligible nonprofits and charities that carry a 501(c)(3) tax status (up to $100 per year).
Vacation: 15 days per year of Paid Time Off for hourly; flexible Discretionary Time Off for salaried.
Parental benefits: 8 weeks of leave at 100% pay for parents who take time off from work following the date of birth, adoption, or foster placement beginning at six months of employment; this amount is in addition to pregnancy-disability benefits at 100% pay, if applicable; a $25,000 lifetime benefit for reimbursement of eligible fertility, adoption, and surrogacy expenses.
Holidays: 11 paid holidays throughout the year.
Would you like to learn more about Udemy? Here are a few resources:
How Udemy Started [video]
Investor Overview
The hiring range for this position is $124,000 - $170,500. Actual compensation is based on several factors, including but not limited to job-related skills, qualifications, experience, and specific work location due to differences in the cost of labor. In addition to a base salary, this role is also eligible for benefits and equity.
Information regarding data privacy is available within the Udemy Careers Privacy Notice .
#LI-ST1