Security and Compliance Specialist (Santa Monica, CA)

We're looking for a Security and Compliance Specialist (Santa Monica, CA)

In this role you will...

  • Work closely with the Global Information Security and Compliance team to implement security standards across the organization.
  • Perform security and compliance assessments of IT systems, and evaluate the design of technical controls and operating procedures against best practices.
  • Protect company information shared with prospective vendors and service providers used to support business objectives. Assess the security practices of these third parties, identify risks and communicate them effectively with stakeholders; collaborate to determine appropriate mitigations.
  • Ensure the application of a transparent, consistent, and well-reasoned methodology to evaluate controls. Findings and evidence are collected, reviewed, and presented in a clear and concise manner.
  • Build rapport with a cross-functional team of stakeholders to ensure findings are prioritized and addressed; balance business needs, security best practices, and compliance requirements effectively.
  • Maintain and create documentation related to security technologies and compliance requirements. Document security related policies and procedures, and follow-up to validate accurate implementation.
  • Assist in response to internal and external audits, along with on-demand security assessments.
  • Research emerging technology in support of security enhancement and development efforts. Facilitate use of technology-based tools or methodologies to review, design, and/or implement reviews.
  • Embrace a culture of excellence, combining humility with ambition.
  • ... and being the rockstar you are, will be willing to take on additional responsibilities as needed

You've got what it takes if you have...

  • A bachelor's degree in IT/Computer Science or related field
  • Two (2) to four (4) years' experience in information security, audit, risk and/or compliance, preferably in a technology environment
  • Experience with annual compliance and regulatory activities, especially related to industry security frameworks such as SSAE16/18, SOC2, ISO 27001, FedRAMP, NIST 800-53, and PCI DSS
  • Experience performing third party security risk assessments (e.g. Cloud vendors, service providers)
  • Experience performing security risk assessments
  • Experience developing risk mitigation strategies
  • Experience planning and implementing technical security controls (e.g. access management, antivirus, patch management, vulnerability scanning, log management, etc.)
  • Exposure to reviewing or securing cloud platforms such as Amazon AWS, Microsoft Azure, etc.
  • Solid problem solving and analytical skills; able to quickly digest problems encountered and recommend an appropriate solution
  • Ability to deal with ambiguity and make judgements in situations where no precedent exists
  • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
  • Ability to communicate clearly and effectively with technical and business stakeholders
  • Excellent word processing skills with MS Office, Project, and Visio

Extra dose of awesome if you...

  • Have applicable IT certifications (e.g. CISA, CIPT, CISSP)
  • Are familiar with third party assessment approaches such as CSA, SIG Lite

Our Culture:

Our mission is to empower people, businesses and communities. A culture created less by what we do and more by who we are. When people are asked to describe the team, the answer is always the same: Smart, Cool, Dependable, and Visionary. We are not a typical tech company (even with our free massages, yoga studio, arcade, movie theatre, free breakfast and generous stock units), because, well, our employees aren't your typical techies...

We're always on the lookout for new, curious and capable people who can help us achieve our goal. So if you want to work for a friendly, global and innovative company, we'd love to meet you! What are you waiting for?

What We Do:

Cornerstone OnDemand (NASDAQ: CSOD) helps organizations to recruit, train and manage their people. We work with hundreds of the world's largest companies—from Walgreens and Starwood Hotels & Resorts to Deutsche Post DHL and Xerox—and thousands of smaller ones to help them engage their workforces and empower their people. Our software impacts every aspect of the employee experience, helping people to make their best work even better – which ultimately translates into greater business results.

Our software and services are in use by over 33.5 million people in 192 countries and in 43 languages.

Check us out on LinkedIn, The Muse, Glassdoor, and Facebook!

Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at
