At PagerDuty, we believe that people do their best in a culture that fosters inclusion, innovation, and success. Our values - Champion the Customer, Take the Lead, Run Together, Ack + Own and Bring Yourself - serve as the foundation of our collaborative and dynamic culture. Whether it's conducting a retrospective, participating in our monthly Hackdays, cranking out a new product feature, supporting our two PagerDuty bands, or doing our day to day work, Dutonians live and breathe these five values every day. Together, we solve real customer issues and fulfill our mission of connecting teams to real-time opportunities and elevate work to the outcomes that matter.

Why We Need You

From the Fortune 100 to the smallest startups, technology companies rely on PagerDuty to help them understand the state of their infrastructure. As the complexity and noise inside that infrastructure grows, companies are increasingly looking to PagerDuty to cut through their noise to find their important signals.

We are looking for an experienced Director-level candidate as our (new) Director of GRC and Trust. You have a rich technical, organizational and operational experience working in and securing a cloud native environment focused on governance, risk and compliance and customer trust. You value collaboration and have demonstrated the ability to work closely with cross-company group leaders including Product Management, Engineering, CIO/IT, Legal, PeopleOps and Sales to execute on large-scale projects. You are passionate about security and continuous improvement and will bring this front and center as you help set the standards & processes that drive security across PagerDuty. You will lead security-focused cross-functional projects to drive security maturity as well as support the security viewpoint in our cross-company initiatives as part of an amazing team that's intensely focused on securing products, improving security processes, and building the future of security at PagerDuty.

How You Contribute to Our Vision: Key Responsibilities

• Responsible for leading and maturing our governance, risk and compliance discipline across application and infrastructure security for on-prem, OSS and cloud-based environments.
• Define and implement a robust and business appropriate risk and issue management discipline in support of internal and external cybersecurity risk management.
• Interlock with customers to represent PagerDuty's security posture and standards, and bring customer feedback to security and product teams.
• Operationalize discipline for ongoing internal and external compliance and maintenance of security audits and evidence including SOC2 Type II and FedRAMP.
• Collaborate with cross company teams to drive an environment of continuous security improvement.
• Use overall data and findings to identify and recommend enhancements and changes to increase product and infrastructure security posture.
• Support security operations to provide the protection of the confidentiality, availability, and integrity of customer data and building/maintaining customer trust.
• Partner with product/engineering, corporate operations, and employees to build and maintain a security-aware culture where everyone understands and plays their part.
• Provide thought leadership on modern security operations and help lead our infrastructure security organization in creating trust through security.
• Embody a continuous improvement discipline for personal and career growth. Mentor and grow infrastructure, application security and cloud security engineers.

Skills and Attributes

• You have a track record of stepping up and leading successful complex security projects including roll-out of security discipline to engineering, operations teams.
• Proven track record of customer interaction including support for pre- and post-sales activities and support for customer enablement teams.
• Experience with support for internal and external audit activities including evidence gathering and management, interaction with auditors and management of audit timelines.
• Experience with application security disciplines including security reviews, testing, and management of findings through to remediation.
• Experience with operational security disciplines including asset and inventory management, vulnerability scanning and patch/update disciplines for the management of findings through to remediation
• Experience implementing and/or running an issue management discipline to ensure a robust lifecycle for the management of findings and issues, balancing security standards and operational realities.
• Experience with containerized applications, and technologies, such as Docker and Kubernetes.
• Experience working in a continuous delivery/continuous deployment environment.
• You have a desire to stay ahead of the latest industry trends and technologies; a track record of sharing contributions to the wider security engineering community and a commitment to continuous learning.
• You believe security should make it easy to do the right thing.
• You are an expert at leading collaborative efforts involving large groups.
• Expert at building consensus within and across engineering teams.

Minimum Requirements

• 5+ years experience managing high performance security teams with
• Outcome driven results
• Sprint planning and KPI based measurements
• 3+ years of experience
• Managing application and/or operational security, including IaaS, PaaS, SaaS
• Defining/implementing cloud-native based security best practices
• Operationalizing and running governance, issue and risk management disciplines
• Leading or supporting external audit activities including SOC2, ISO27001, and ideally with FedRAMP experience
• Demonstrated history of employee engagement through coaching and mentoring, and leading both individuals and managers
• Excellent written and verbal communication skills.
• The ability to identify and effectively communicate the business impact of cybersecurity risk to stakeholders and team members.
• The ability to solve security problems without saying "No".

Preferred Qualifications

• Certifications such as AWS Security Speciality, (ISC)2 Certified Cloud Security Professional (CCSP), (ISC)2 CISSP (Certified Information Systems Security Professional).
• Experience with AWS cloud security best practices, and AWS security technologies such as AWS IAM, AWS Organizations, AWS Shield, AWS GuardDuty.

PagerDuty is a global company focused on inclusion and employee well-being by building a culture that isn't location specific and gives equal opportunity to everyone—regardless of where you are working.

As a Dutonian, you can expect competitive pay and benefits; structured learning, development, and advancement; immersion in our award-winning company culture; and exceptional colleagues. PagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Sydney, Tokyo, and Toronto, with remote opportunities in those countries and Chile. We offer a hybrid, flexible workplace, while also providing ample opportunities for connection in-person and virtually with your fellow Dutonians.

Not sure if you qualify?

Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you're new to the corporate world, returning to work after a gap in employment, or simply looking to transition or take the next step in your career path, we are excited to connect with you.

PagerDuty Offers

One way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations.

Your package may include:

• Competitive salary and company equity
• Comprehensive benefits package from day one
• Flexible work arrangements
• ESPP (Employee Stock Purchase Program)
• Retirement or pension plan
• Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
• Generous paid vacation time
• Paid holidays and sick leave
• Paid volunteer time off - 20 hours per year
• Bi-annual company-wide hack weeks
• Mental wellness programs
• Dutonian Wellness Days & Midyear Wellness Week - scheduled company-wide paid days off in addition to PTO and scheduled holidays
• HibernationDuty - a week each year when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge

About PagerDuty

PagerDuty, Inc. (NYSE:PD) is a leader in digital operations management. In an always-on world, organizations of all sizes trust PagerDuty to help them deliver a better digital experience to their customers, every time. Teams use PagerDuty to identify issues and opportunities in real time and bring together the right people to fix problems faster and prevent them in the future. Notable customers include Cisco, Genentech, Electronic Arts, Cox Automotive, Shopify, Zoom, DoorDash and more.

Led by CEO Jennifer Tejada, 50% of our board of directors is comprised of women, 45% of our managers are from underrepresented groups, and we are a proud member of the Pledge 1% Movement, committed to donating 1% Equity, 1% Employee time, and 1% Product to accelerate change in our communities.

PagerDuty is Great Place to Work-certified™, a Fortune Best Place to Work for Women, and a top rated product on TrustRadius and G2.

Go behind-the-scenes @pagerdutylife on Instagram.

Additional Information

PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status.

PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs.

PagerDuty uses the E-Verify employment verification program