What you’ll be doing...

At BlueJeans, we’re transforming the way people meet by creating a human connection in every experience. Together, we’re bringing video to everyone, regardless of location or device, including mobile, desktop, or room systems. We work with thousands of companies worldwide to upgrade everyday meetings, large-scale events, and social network broadcasts by replacing traditional web conferencing with face-to-face video communication. All our customers have one trait in common: they understand the benefits to bringing their employees, leaders, and partners closer together. Since 2009, we have raised $175M in funding led by Accel Partners, Battery Ventures, NEA, and Norwest Venture Partners.

As a Principal complianceengineer, you will be responsible for improving and maintaining our security controls and policies as well as designing new controls where we require them. We are looking for an individual who is passionate about Information Security, has led Securitycomplianceand certification efforts in SaaS companies, and has proven experience working effectively across various departments within a fast-paced company. You will be self-motivated, articulate, and organized in leading internal audits, identifying gaps, and effectively putting in place remediation measures to address the gaps. You will report to the Deputy CISO and will work closely with Program Management,Engineering, Operations, and the Security team to drivecomplianceefforts.

Responsibilities:

  • Own the maintenance of security controls for differentcompliancestandards such asSOC 2 and ISO 27001.
  • Periodically review the controls to account for the change in process, technologies used, services/products offered, and the deployment environment.
  • Work with Program Management,Engineering, Operations, and Security team and the impacted departments to modify existing controls or define new ones and operationalize them.
  • Developacompliancestrategy in alignment with business requirements, objectives, and metrics.
  • Perform internal audits monthly or quarterly depending on the priority of the control group, assess gaps, and work with external consultants and stakeholders to address them.
  • Raisecompliancetickets for various departments such as Operations, Support, and IT to generate and review access lists for key systems.
  • Ensure that the security controls are operating effectively in the organization always.
  •   Own the audit calendar,prepare evidence for controls as per periodicity (such as quarterly or annually), and schedule external audits working with auditors and program management.
  • Maintaincompliancedocuments such as the controls, evidences collected, and the audit reports in an organized fashion.
  • Be the point of contact for the organization to answer questions oncomplianceas well as to share audit reports with customers and prospects under NDA.
  • Perform vendor risk assessment annually for existing vendors, identify gaps if any, and work with the stakeholders and the vendor on next steps. Perform risk assessments for new vendors during evaluation/onboarding.
  • Respond to RFPs from Sales and Assessment questionnaire from Support/Customer Success teams.
  • Assist with roll-out/tracking of security awareness training within the company.
  • Lead privacy initiatives.
  • Help build a culture of security within the company.

What we’re looking for...

  • Bachelor’s degree, with relevant on-the-job technical experience.
  • Minimum 5 years ofcomplianceexperience with SOC 2 or ISO 27001/27018. Experience with HIPAA, FedRAMP, PCI, or GDPR is a plus.
  • 4+ years’ experience in a security function at a cloud service or software company.
  • Prior experience helping an organization achieve and maintaincompliancecertifications such as SOC 2 or ISO 27001 is a must. The use of tools to help withcomplianceefforts will be a plus.
  • Good communication skills with the ability to work with a disparate set of stakeholders – HR,Engineering, Operations, Support, etc. inside a company, and auditors, customers, vendors, partners outside the company.
  • Good understanding of Information Security principles, the relating ofcompliancecontrols to those principles, and articulating the relevance of controls to stakeholders.
  • Ability to maintain a flexible work schedule to enable interactions across multiple time zones with remote teams is a plus

Verizon recently acquired BlueJeans and plans to integrate BlueJeans employees into Verizon, including its compensation and benefits programs, in due course. This position will be part of that planned integration.

When you join Verizon...

You’ll have the power to go beyond – doing the work that’s transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you’ll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we’ll go far.

Diversity and Inclusion at Verizon

At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.