Security & Privacy Specialist

Insurance... sounds slow, old-fashioned, and unexciting. Exactly. Insurance is broken, and it's failing fast-moving, innovative startups.

Vouch is a new, technology-first insurance company, backed with $100M in funding from world-class investors. Like Stripe for payments or Brex for credit cards, Vouch is creating the go-to business insurance for high growth companies.

We're doing this by making insurance fast, responsive, and focused on our customer -high growth and innovative companies. Instead of printed PDF applications and week-long waits, Vouch is building new technology to solve real problems, writing policies that actually cover relevant startup scenarios, and designing simple experiences in an otherwise frustrating industry.

What does a work environment look like at Vouch?

Vouch has a 3-HQ model: Office-Based, Office-Linked, and Remote-First. This role is Remote-First, which means that team members can work from anywhere in the U.S. so long as they can work during Vouch core collaboration hours (9am-3pm PT Mon-Fri).

Role Responsibilities:

In this role, you will be the leader and subject matter expert on Vouch's security and privacy programs. You will lead cross-functional privacy reviews for Vouch's products against state, federal, global, and industry security and privacy frameworks. You will also collaborate cross-functionally to drive security best practices throughout program or product life cycles. You will operationalize and scale enduring programs related to regulatory, customer, and corporate security requirements. In this role, you will work closely with product, engineering, legal, and compliance teams. This role is an opportunity to make an immediate and lasting impact on the future of Vouch's data and security practices.

Job Duties:

• Engage with cross-functional stakeholders to define security, risk, and compliance requirements
• Advise on the legal and regulatory requirements that apply to Vouch's business
• Facilitate discussion and coordination among product managers, engineering teams, and privacy stakeholders across the company to develop creative solutions to privacy-by-design challenges
• Drive and support privacy programs that meet legal and industry requirements.
• Lead, coordinate and manage internal and external assessments of Vouch's privacy and security programs and processes
• Lead cross-functional teams through full program lifecycles by defining scope/success criteria, setting expectations, establishing timelines, implementing solutions, and measuring success and lessons learned
• Assist and advise on data governance and management as it pertains to Vouch's privacy and security programs and processes
• Define processes end-to-end and drive improvements for maximum impact
• Operationalize strategic security and privacy programs by making them efficient, scalable, reliable, and auditable
• Develop, implement, and iterate on program management procedures, frameworks, and metrics to achieve business goals with defined success criteria
• Quarterback security incident responses and retrospectives
• Review vendor security questionnaires
• Identify program risks and drive the implementation of recommended mitigations
• Drive cross-functional and effective communications throughout the program lifecycle, providing the visibility and transparency required to ensure cross-functional team and stakeholder alignment
• Develop, define and report on program health and success metrics

About you:

• J.D (2016 or earlier) and admitted to practice law in one or more states
• 5+ years of work experience in or advising on Security or Privacy Program Management
• Analytical, problem-solving, negotiation and organizational skills with a clear experience focusing under pressure
• Experience driving projects end-to-end independently, including evaluating, defining and improving end-to-end processes
• Experience influencing stakeholders and partner teams, especially in collaborating with different individuals across the organization and within other geographies
• Communication skills across technical and non-technical stakeholders and attention to detail
• Experience managing competing priorities and simultaneous/concurrent projects in a fast-paced environment

Nice to have:

• SANS, CISSP, CIPP, CIPM, CIPT or other related certifications
• Familiarity/experience with compliance programs such as GDPR, ISO27001, IS027018, SOC 2 PCI, NYDFS Cybersecurity Rule, and CCPA
• Experience with Compliance, Risk, IT Audit, or Technical Program Management
• Experience working in a financial services or insurance business

Vouch provides a number of benefits to help you bring your best self to work:

• Competitive compensation and equity packages
• Health, dental, and vision insurance
• Parental leave
• Flexible vacation time (Unlimited PTO)
• Wellness allowance ($80/month)
• Technology allowance ($100/month)
• Monthly Doordash credits ($80/month)
• On-time Work-from-Home Stipend ($500)

Vouch believes in putting our people first and building a diverse team is at the front of everything that we do. We welcome people from different backgrounds, experiences, and perspectives. We are an equal opportunity employer and celebrate the diversity of our growing team.