Information Security & Compliance Manager

UpKeep

Jul 22

UpKeep is the top-rated maintenance management software developed to revolutionize the way teams manage facilities, equipment, and work orders. We empower over 3,000 customers in 60 countries by providing mobile-first SaaS solutions, Industrial IoT sensors, data analytics tools, and enterprise integrations. Our innovative cloud-based application is making work easier and safer for deskless technicians, while improving asset reliability and operational efficiency for businesses in many fast-growing industries.
We're a Series B tech startup with 100+ team members across the US. We've been recognized as a "Best Place to Work" years in a row by fostering a diverse, inclusive, and mission-driven culture. In addition to stock options and great benefits, our people have the flexibility to work remote or remote-hybrid from our Los Angeles HQ.
We are only accepting applications from candidates living in the following states: California, Washington, Oregon, Arizona, Colorado, Nevada, Utah, Texas, Idaho, Illinois, North Carolina, South Carolina, Maryland, Florida, & Hawaii

The role:

  • Oversee UpKeep's information security programs including data protection, risk management, and compliance testing.
  • Review, develop, and update UpKeep's information security and privacy policies.
  • Design and execute audit procedures to assess and measure company compliance with its security policies and procedures.
  • Monitor advancements in information privacy laws to ensure organizational adaptation and compliance.
  • Evaluate security incidents for violations of privacy principles or legal standards.
  • Manage compliance testing and monitoring of current and future regulatory obligations, and other regulatory matters as required.
  • Conduct internal security risk assessments and security compliance audits.
  • Establish IT security audit procedures relevant to GDPR, SOC2, ISO27001, NIST, and PCI-DSS.
  • Coordinate third-party audits.
  • Develop materials and tools to effectively communicate compliance and corporate requirements.
  • Develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
  • Collect, analyze, and prepare reports required for senior management, regulators, and other relevant stakeholders.
  • Document, investigate, and report cybersecurity compliance issues and incidents, where necessary.
  • Work with business leaders to ensure information security risk findings are reviewed and solutions are implemented.
  • Understand, develop, and deliver meaningful reports on the program state and adherence to frameworks and standards.
  • Lead the escalation and resolution of risk and compliance issues with appropriate stakeholders.
  • Liaise with relevant parties to commission activities related to contingency planning, business continuity management, and IT disaster recovery.
  • Assist the sales team in responding to RFPs and security questionnaires; maintain a library of security and compliance RFP responses.
  • Manage third party vendors with new and recurring security assessments.

What we're searching for:

  • 3+ years of IT experience with a focus on security and compliance.
  • At least 1 year of experience managing compliance at a growing software company.
  • Significant knowledge and experience with legal, privacy, and regulatory compliance standards such as ISO27001, SOC2, PCI-DSS, GDPR, HIPAA, etc. preferred.
  • Experience with IT governance, risk, and compliance management.
  • Experience coordinating tasks to complete third party assessments.
  • Experience writing policies, procedures, and controls in one or more standards/frameworks.
  • Knowledge of computer networking concepts and protocols and network security methodologies.
  • Knowledge of risk management processes.
  • Knowledge of cyber threats and vulnerabilities.
  • Experience with Risk Management in both a compliance and security context.
  • The ability to work in a fast-paced environment and the skills to deal with ambiguity.
  • Ability to work well under minimal supervision.
Employee Benefits:
Full-time team members at UpKeep receive stock options, paid holidays, unlimited vacation/sick time, 401(k), 12-week paid parental leave, affordable health insurance options, FSA, and the flexibility to work from home. We value work-life-harmony and believe that family and mental health should always come first. 
The Company:
UpKeep was founded by our CEO, Ryan Chan, based on an idea he had while using outdated desktop software as a process engineer in a manufacturing plant. He believed a mobile-first solution could significantly improve the workflow and productivity of the technicians he was working with. He was determined to build on this vision, so he quit his job, learned to write code, and created the first version of UpKeep in 2014 while living in his parents' garage.
Today, our cloud-based Software-as-a-Service (SaaS) and cutting edge Industrial IoT sensors are modernizing the way thousands of businesses around the world maintain their facilities and equipment. Customers love UpKeep's mobile-first application because it gives them the ability to manage work orders on the go. We're replacing tedious paperwork and cumbersome spreadsheets so technicians can focus on the work that matters most.
UpKeep is a Computerized Maintenance Management System (CMMS) and Enterprise Asset Management (EAM) software geared for technicians in industries like manufacturing, healthcare, food production, transportation, fitness, education, hospitality, government, utilities, and construction. We've raised $50 million in VC funding following a recent Series B funding round led by Insight Partners, Emergence Capital, Mucker, and Y Combinator. With over 1,500 positive customer reviews, we are rated #1 on Gartner, G2, and Capterra. We're also building The Maintenance Community, the largest online forum and Slack group bringing industry professionals together to participate in discussions, webinars, podcasts, and courses.
Visit our website to learn more: www.onupkeep.com and www.onupkeep.com/careers

UpKeep Technologies Inc. is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, creed, marital status, pregnancy, disability, national origin, sexual orientation, gender identity, veteran status, or any other protected category. Please let us know if you need accommodation due to disability. We celebrate our inclusive work environment and will always strive to create a diverse and equitable workplace by hiring people from all racial, ethnic, and socioeconomic backgrounds.