Lightspark
Lightspark is the easiest, most reliable enterprise-grade gateway to Lightning for fast, cost-efficient bitcoin payments
11 - 50
Security Compliance Lead
August 7
🏢 In-office - Los Angeles
Lightspark
Lightspark is the easiest, most reliable enterprise-grade gateway to Lightning for fast, cost-efficient bitcoin payments
11 - 50
Description
• Ensure adequate project management tracking and facilitate communication within the program, team and other stakeholders • Collaborate with engineering, IT, and business owners to define program requirements, set priorities, and establish scope of policies and programs • Manage interdependencies across operations & projects within the program to mitigate roadblocks to ensure critical project delivery on time • Develop and maintain technical policies, standards, and guidelines aligned with organizational objectives and legal requirements, including compliance and audit planning • Drive improvements to our SOC 2 program, including the addition of additional TSC and underlying design, implementation and operating effectiveness of controls • Manage technical audits (e.g. code audits, security audits), SOC2 program, customer due diligence processes, and third party risk management program, liaising directly with external stakeholders, as well as manage the process of internally conducted reviews and audits of our programs, ensuring compliance with best in class security industry standards • Program manage security related system implementations, third party and internal, for end to end delivery. • Design and execute security training and awareness programs for the technical organizations as well as assist in the coordination and delivery of other company specific trainings • Create process improvements within the team, using data and metrics tracking within team • Startup Mentality: While the role is balanced on strategy, program management, and hands-on execution, you will be expected to act as an individual contributor when needed. We are a startup!
Requirements
• A minimum of 4 years of experience in security policy and compliance for technology. • Knowledge of industry standards like ISO 27001, NIST, or OWASP is a plus • Understanding of payment-related regulations such as PCI-DSS, PSD2, and other regional compliance requirements • Preferred certifications: PMP, CISSP, CEH, or equivalent • Experience being flexible and thrives in fast-paced changing problem spaces • Excellent problem-solving, analytical, and communication skills
Benefits
• Offers Equity • Offers Bonus
Apply Now
