Security Compliance Specialist (Security Compliance & Common Flow Team)

Hi there!
We are Semrush, a global IT company developing our own product—a platform for digital marketers. New stars are born here, so don’t miss your chance.
This is our Security Compliance Specialist role for those who strive to implement functional processes and drive them to full completion.

Tasks in the role

• Ensure that Semrush complies with security standards such as PCI DSS and SOC 2 with main focus on SOC 2 attestation

• Develop, review, and update security policies, procedures, and guidelines to maintain compliance with regulatory and industry standards

• Incident Response: Assist in the development and execution of the incident response process, ensuring timely and effective handling of security incidents

• Training and Awareness: Conduct security training programs for employees to ensure that everyone is aware of the organization's security policies and practices

• Ensure that third-party vendors meet the organization's security standards and compliance requirements

• Assist in responding to customer inquiries regarding security compliance and provide clear, accurate information about our security practices and standards

• Work closely with security, legal, and business units to identify security risks and implement appropriate controls

Who we are looking for

• Experience: 3+ years of experience in security compliance, information security, or a related field

• Certifications: Certifications such as CISSP, CISM, CISA, or similar are highly desirable

• Strong knowledge of security frameworks (e.g., SOC 2, PCI DSS 4. 0, ISO 27001, NIST CSF) and industry best practices

• Experience in conducting SOC 2 audits or participation in similar audits

• Experience in managing compliance for cloud environments (e.g., AWS, Azure, Google Cloud)

• Excellent understanding of the risk-based approach, as well as understanding of the basic principles of risk identification and assessment

• Familiarity with GDPR, CCPA, and other data privacy regulations

• Excellent communication skills with the ability to translate technical requirements to non-technical stakeholders

• Fluent in written and spoken English, with excellent communication skills in a professional context

Not required, but a plus

• Strong analytical and problem-solving skills

• Detail-oriented with strong organizational skills

• You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it’s not worth wasting time on something you don’t believe in; and enthusiasm for Constant Change, as we are always looking to make things better.

A bit about the team

You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.
Security Compliance & Common Flow team will focus on security compliance questions (PCI DSS, Security audits) and general security issues.

We will try to create all the right conditions for you to work and rest comfortably

• This offer stands for the “hybrid” work format: some days, you work from the office, and some #wfh.

• Flexible working day start
  

• Unlimited PTO

• Hobby benefit

• Breakfast, snacks, and coffee at the office

• Corporate events

• Training, courses, conferences

• Gifts for employees

Finally, a little more about our company

Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing.
We’ve been developing our product for 16 years and have been awarded G2s Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500 and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker.
10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,000 people around the world are working on its development. The Semrush team is constantly growing.

Our new colleague, we are waiting for you!
Semrush is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, creed, color, national origin, sex, pregnancy, sexual orientation, gender identity, gender expression, age, ancestry, physical or mental disability, or medical condition including medical characteristics, genetic identity, marital status, military service, or any other classification protected by applicable local, state or federal laws. All employment decisions are based on business needs, job requirements, merit, and individual qualifications.