Risk and Audit Specialist

About platform.sh

The Platform.sh Platform-as-a-Service (PaaS) removes the complexities of cloud infrastructure management and optimizes development-to-production workflows, reducing the time it takes to build and deploy applications. Delivering efficiency, reliability, and security, giving development teams both control and peace of mind. Built for developers, by developers.

Adopted and loved by 16,000+ developers, 7,000 customers, and proven over the last 8 years - Platform.sh provides out-of-the-box capabilities that serve as the launchpad for creative development teams’ out-of-the-box thinking.

We provide 24x7 support, managed cloud infrastructure, and automated security and compliance with an all-in-one PaaS. We give our customers complete control over their data by keeping applications secure and available around the clock.

Platformers are a remote, global workforce, and we thrive in a multicultural team. We are committed to open source and an open, welcoming environment. Our team spans the globe and the experience spectrum. What's our commonality, our cultural fabric? A curious spirit and a thirst for knowledge; an eagerness for innovative ideas and cultures. We believe we can build anything together in an environment that frees you to do your best work.

Bring your expertise and enthusiasm to our growing, global organization. Your contributions, collaboration, and unique point of view are recognized and valued here.

Position Summary:

Platform.sh is looking for a motivated Risk & Audit Specialist to join our team, where you'll play a key role in maintaining and enhancing our security and compliance standards. In this role, you'll manage crucial compliance certifications (PCI, SOC2, GDPR, and ISO 27001), lead risk assessments, conduct internal audits, and ensure we meet all regulatory requirements. You’ll have the opportunity to grow within the team, mentor junior colleagues, and drive our continuous improvement initiatives. If you enjoy tackling challenges in a supportive and rewarding environment, this is a fantastic chance to join us and help keep Platform.sh at the cutting edge of compliance and security.

With a solid background in compliance and risk management, you'll assess and manage company risks, evaluate internal controls, and champion ethical practices. You’ll also support our sales team by addressing security and compliance questions, reviewing contracts, and keeping our Trust Center up to date. This dynamic role is perfect for someone with outstanding communication, analytical, and technical skills, ready to make a meaningful impact on our organization’s security and compliance efforts.

What to expect:

• Lead transformative and technical compliance initiatives that shape the future of our risk management programs.
• Provide management with key insights on the health of our risk and audit activities, ensuring our organization remains secure and compliant.
• Take charge of internal assessments, risk assessments and third-party assessments, ensuring adherence to best practice security standards and regulatory requirements.
• Play a crucial role in assessing and managing security risks, helping us navigate complex regulations and maintain robust internal controls.
• Respond to potential or existing customer questions related to our security and compliance practices as part of sales enablement/support.
• Monitor and evaluate the impact of new features, technologies, and processes on our risk and audit activities, keeping us ahead of potential challenges.
• Engage with stakeholders, providing expert guidance on our security and compliance practices to build trust and support sales efforts.
• Respond to ad hoc needs internally, by conducting assessments, monitoring security controls, and also collaborating with auditors to support our annual audit requirements.

What you bring:

• A Bachelor’s degree in a relevant field (e.g., Computer Science, Information Technology, Business) or equivalent experience.
• Proven experience in a similar role handling compliance aspects of mergers and acquisitions.
• Experience addressing client security and compliance queries.
• Extensive knowledge of compliance certifications (e.g., PCI, SOC2, GDPR, ISO 27001) and other relevant standards.
• Hands-on experience with security control monitoring and internal audits.
• Strong knowledge of technical risk management and security practices.
• Proficiency with risk and compliance management tools.
• Familiarity with third-party risk management processes.
  
• Solid understanding of risk assessment, internal controls, and regulatory compliance.
• Excellent communication skills, both written and verbal.
• Strong analytical and problem-solving abilities.
  
• Relevant certifications (CISA, CRISC, CGRC, GRCA, CC) preferred.

Where we hire:

At Platform.sh, remote work isn't just a trend - it's our way of life. The freedom of remote work with the support of a diverse, global team has been our successful model for nearly a decade! Our culture celebrates flexibility and collaboration, empowering you to excel from where you are. To enhance team synergy, we come together (at least) once a year in person, seizing the opportunity to connect, tackle challenges, and foster camaraderie. 

How we hire:

We know that a great hire won’t meet every requirement that we’ve outlined. If you can see yourself elevating the team, we want to hear your story. Few of us would be here had we not taken a chance.   

You can expect 4 interviews on Google Meet to follow the order below. Should you successfully move through the entire process you will have the opportunity to meet with a variety of Platformers. Our goal is to ensure you can make the most informed decision on whether this role, and our culture aligns with what you’re looking for in your future working environment. 

1. 45 Minutes with Talent Acquisition 
2. 60 Minutes with Hiring Manager (Director, Risk & Audit)
3. 60 Minutes with Team ( IC's)
4. 60 Minutes with Executive (VP, Data Protection & Compliance)

All roles require background checks.

What we offer:

💡 An innovative product you can believe in. We’re sustainably changing the way companies develop and manage their web applications

🏆 We’re voted as A Best Place to Work by 96% of our employees, Forbes Top 30 Companies for Remote Jobs, and France Best Workplaces for Women

🗣️ Leadership that cares in a flexible, open work environment, where your voice is encouraged. We can always find ways to do better and look forward to hearing your ideas

🌎 Global team, rich with culture and diversity

🧳 Annual team gatherings

💆‍♀️ Wellness budget

🧠 Professional development budget

💻 Office equipment budget

 👫 Mentorship Program

🩺 Comprehensive health coverage (US, CA, UK, and FR employees only)

🏝 Generous PTO (geographically dependent)

👶 Inclusive parental leave (geographically dependent)

🤝 Tandem – a pool of linguists from around the world willing to help each other learn new languages.

📈 Company stock options

♾️ Unlimited Platform.sh accounts

You’re welcome here.

At Platform.sh, we take pride in our commitment to being an inclusive and diverse workplace. We strive to create an environment built on trust, support, and respect for all individuals. We welcome everyone, regardless of gender identity and expression, race, ethnicity, disability, sexual orientation, color, religion, creed, gender, national origin, age, marital status, pregnancy, education, languages spoken, or veteran status. We encourage you to be yourself, connect with like-minded individuals, and share your passions.

If you require accommodation at any stage of our recruitment process, please don't hesitate to reach out to your talent acquisition partner. Your comfort and accessibility are important to us.