Governance Risk Compliance Specialist

Boost win rates, increase average deal size, and increase revenue per rep with Gong, the #1 Revenue Intelligence platform.

Check you match the skill requirements for this role, as well as associated experience, then apply with your CV below.

Governance Risk Compliance Specialist

Austin Chicago New York City Salt Lake City San Francisco

Gong transforms revenue organizations by harnessing customer interactions to increase business efficiency, improve decision-making and accelerate revenue growth.

The Revenue Intelligence Platform uses proprietary artificial intelligence technology to enable teams to capture, understand and act on all customer interactions in a single, integrated platform.

More than 4,000 companies around the world rely on Gong to support their go-to-market strategies and grow revenue efficiently.

As an individual contributor of trust operations on our Security team, you’ll play a key role in ensuring customer trust is core to our product and company.

RESPONSIBILITIES

• Create and update Security Policies, standards and procedures.
• Create and manage corporate-wide security training.
• Plan, coordinate, and implement work assignments with process owners, control owners, external auditors and consultants.
• Perform control testing, document results and provide updates to the business.
• Partner with internal stakeholders on the design of internal controls for ongoing risk mitigation and information systems based on internal and external obligations.
• Clearly and effectively communicate security issues and risks to diverse audiences.
• Manage, perform and report on Security Risk Assessments.
• Educate and train process and control owners on security practices and responsibilities.
• Ensure compliance with applicable controls based on a unified control framework.
• Evaluate and advise on new and evolving certification programs, technology and security standards.
• Proactively identify and correct process gaps and improvements to further the maturity of Gong’s programs in alignment with Company goals and objectives.
• Ability to work independently on complex programs and assignments with diverse teams.

QUALIFICATIONS

• 6+ years of overall experience, with 5+ years of relevant Information Security or GRC experience.
• Basic Cloud Security Knowledge.
• GRC tool and automation experience.
• In-depth knowledge of control and Risk frameworks including PCI DSS, NIST 800-37 and ISO 27001, SOC 2.
• Ability to be hands-on and go beyond direct job responsibilities to help the team succeed.
• Ability to navigate ambiguity in a fast-changing environment.
• Familiarity with attack frameworks and mitigation.

PERKS & BENEFITS

• We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs.
• Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
• Mental Health benefits with covered therapy and coaching.
• 401(k) program to help you invest in your future.
• Education & learning stipend for personal growth and development.
• Flexible vacation time to promote a healthy work-life blend.
• Paid parental leave to support you and your family.
• Company-wide recharge days each quarter.
• Work from home stipend to help you succeed in a remote environment.

The annual salary hiring range for this position is $153,000 - $180,000 USD.

Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location.

At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations.

The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits.

Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

J-18808-Ljbffr