Overview As a member of the Cybersecurity team you’ll report directly to our Director of Security. In this role, you will be a key member of the team, focusing on maintaining and improving our security across external systems and product-related issues. You\'ll ensure our systems are secure and comply with regulations like SOC 2, GDPR, and CCPA, while also playing a vital part in our incident response and vulnerability management. You will have a direct impact on our organization by helping to manage major security risks and ensuring our systems are trustworthy for both customers and our sales team. You\'ll work daily with a wide range of teams, including product, engineering, legal, and HR, acting as the main point of contact between our company and external auditors. This role is open in San Francisco, New York City, or Remote locations.

Responsibilities

Audit management: Serve as the primary point of contact for external auditors, translating technical details into clear, simple language for internal teams. You\'ll immediately take ownership of the upcoming SOC 2 Type II audit, gathering necessary documentation and explaining our security measures.

Risk assessment: Help identify and reduce security and compliance risks, with a focus on product-related issues and external systems. You\'ll identify how high-level risks, such as data leakage from AI tools, can become a real problem.

Process improvement: Find ways to make our compliance processes more efficient, ideally using automation and modern compliance platforms like Vanta .

Threat management: Oversee and track timely fixes for vulnerabilities identified by tools like Orca Security and ensure they are resolved within our deadlines.

Incident response: Help guide the team through the process of responding to security incidents, ensuring we have the right logging and monitoring systems in place with Datadog . You will act as a project manager to make sure follow-up actions and solutions are completed.

Regulatory compliance: Provide technical knowledge to implement and enforce legal requirements, ensuring our systems comply with regulations such as GDPR and CCPA.

Skills you\’ll bring

Bachelor’s degree in computer science, engineering, or equivalent experience.

5+ years of experience in security operations or governance, risk, and compliance (GRC).

You have successfully led multiple SOC 2 Type II audits. Bonus points if you have experience with an ISO 27001 audit.

Experience with risk assessments, designing and testing controls, and managing remediation efforts.

Familiarity with risk assessment methods and a solid understanding of how to automate routine tasks.

You can manage competing priorities and keep complex projects on track.

You can explain audit findings and technical security concepts to both executives and engineers without causing confusion.

Benefits

Competitive salary and equity

100% employee coverage for medical, dental and vision premiums

Short and long term disability benefits at no cost to the employee

Basic life and AD&D insurance at no cost to the employee

401K Plan (Pre-tax and Roth)

4 weeks of paid time off and work/life balance

Up to 12 weeks of paid family leave (care for a family member, bond with a new child, etc.)

Up to 6 weeks of paid disability leave (up to 12 weeks for pregnancy disability leave)

Ample opportunities to volunteer with local organizations with NextRoll Gives Back

For additional benefits not mentioned, visit our Careers page

About NextRoll NextRoll is a leading marketing technology company that empowers businesses to drive sustainable growth while building trusted connections with their audiences. Built on nearly two decades of AI and data expertise, NextRoll delivers its solutions through AdRoll, its flagship brand and connected advertising platform. The AdRoll platform brings together two powerful offerings: the AdRoll product, which helps brands generate awareness, deepen engagement, and drive measurable revenue through AI-powered multi-channel campaigns; and AdRoll ABM, a full-funnel account-based marketing product that unifies buyer insights, predictive AI, and multi-touch advertising to accelerate pipeline and revenue for B2B teams. Together, these solutions give marketers the clarity, efficiency, and performance they need to grow with confidence. NextRoll is a privately held company headquartered in San Francisco, CA.

#J-18808-Ljbffr