Compliance & Governance Manager
Introduction to Demandbase:
Demandbase is the Smarter GTM™ company for B2B brands. We help B2B companies hit their revenue goals using fewer resources. How? By aligning their sales and marketing teams around a combination of their data, our data, and artificial intelligence — what we call Account Intelligence — so they can identify, engage, and focus their time and money on the accounts most likely to buy.
As a company, we’re as committed to growing careers as we are to building world-class technology. We invest heavily in people, our culture, and the community around us. We have offices in the San Francisco Bay Area, Seattle, and India, as well as a team in the UK, and allow employees to work remotely. We have also been continuously recognized as one of the best places to work in the San Francisco Bay Area, including “Best Workplaces for Millennials” and “Best Workplaces for Parents”!
We're committed to attracting, developing, retaining, and promoting a diverse workforce. By ensuring that every Demandbase employee is able to bring a diversity of talents to work, we're increasingly capable of living out our mission to transform how B2B goes to market. We encourage people from historically underrepresented backgrounds and all walks of life to apply. Come grow with us at Demandbase!
About the Role:
In support of Demandbase’s marketing technology stack, the Compliance & Governance Manager will be responsible for supporting all initiatives to help meet current GRC, security, privacy and compliance requirements. This includes updating the control environment and documentation, risk & privacy assessments, third-party risk management, security incident response, responding to privacy rights requests, and helping develop, deliver and manage security and privacy awareness training, all while helping to interface with our internal stakeholders and external auditors to ensure the completion of any audits. Every day at Demandbase is different and you will have the opportunity to do things you never expected. This role reports to the Director of Risk and Compliance.
The annual base compensation range, excluding bonus, is: $124,542 - $152,218
What you’ll be doing:
- Execute walkthroughs and tests of operating effectiveness over controls in Demandbase, IT applications, and infrastructure, in support of internal and external security audits.
- Reviewing and helping mitigate internal and external risk.
- Assist in IT audits and report on findings, track status, and ensure corrective actions are complete, sustainable and documented.
- Improving our security and privacy culture through promoting education and awareness across the organization.
- Reviewing and improving the data life cycle (data inventory, governance, retention).
- Reviewing and editing customer- and public-facing communications about privacy and security programs.
- Research, analysis and reporting on impacts of new regulatory or policy changes.
- Interacting with data subjects regarding privacy rights requests.
What we’re looking for:
- Demonstrated ability of 5+ years in Information Security, GRC, ERM, compliance, audit, internal controls, AI governance, or other security-related areas. Cloud-based tech company experience preferred.
- A deep understanding of general IT and cloud security controls, such as Information Security, Business Continuity, Disaster Recovery, Vendor Management, Software Development, Hardware and Software.
- Familiarity with global industry security and privacy frameworks and regulations (ISO 27001, SOC 2, NIST CSF, NIST 800-53, NIST Privacy Framework, GDPR, CCPA, etc.).
- Detail oriented with excellent verbal and written communication skills.
- Ability to work with both business and technical areas and translate requirements between the two areas to address control deficiencies.
- Excellent interpersonal and organizational skills with an ability to coordinate with internal stakeholders and external auditors.
- Familiarity with managing GRC and privacy tools used for privacy operations or to track risks, controls, and gaps (MetricStream, Hyperproof, Ketch, Didomi, OneTrust).
- Relevant security or privacy certifications such as CISSP, CRISC, CISA, CIPP are highly desirable.
- Flexibility and the ability to adapt in a dynamic environment and manage multiple priorities effectively. Startup experience is a plus.
- Project management experience managing complex projects at an enterprise level.
- Self-motivated and responsible individual who will represent the company with the highest level of integrity and professionalism.
- This position would provide a great opportunity for a compliance professional with a technical and/or legal background to broaden their exposure to other areas within the Legal team.
Our benefits include options for up to 100% paid Medical and Vision premiums for employees, flexible PTO policy, no internal meeting Fridays, Modern Health mental wellness platform, and 11 paid holidays and 2 additional weeks where all Demandbase employees take off (the week of July 4th and the week of Thanksgiving). Plus 401(k), short-term/long-term disability, life insurance, and all those good things.
Our Commitment to Diversity, Equity, and Inclusion at Demandbase
At Demandbase, we believe in creating a workplace culture that values and celebrates diversity in all its forms. We recognize that everyone brings unique experiences, perspectives, and identities to the table, and we are committed to building a community where everyone feels valued, respected, and supported. Discrimination of any kind is not tolerated, and we strive to ensure that every individual has an equal opportunity to succeed and grow, regardless of their gender identity, sexual orientation, disability, race, ethnicity, background, marital status, genetic information, education level, veteran status, national origin, or any other protected status. We do not automatically disqualify applicants with criminal records and will consider each applicant on a case-by-case basis.
We recognize that not all candidates will have every skill or qualification listed in this job description. If you feel you have the level of experience to be successful in the role, we encourage you to apply!
We acknowledge that true diversity and inclusion require ongoing effort, and we are committed to doing the work required to make our workplace a safe and equitable space for all. Join us in building a community where we can learn from each other, celebrate our differences, and work together.