Location : Remote, United States | Team: Security Engineering
Role Type: Full-Time Employee (Individual)
Medallia is the pioneer and market leader in Experience Management. Our award-winning SaaS platform, Medallia Experience Cloud, leads the market in the understanding and management of experience for candidates, customers, employees, patients, citizens and residents.
We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole selves to work each day. The strength of our global workforce is the most significant contributor to our success.
We believe: Every Experience Matters. Talent is Everywhere. All Belong Here.
At Medallia, we hire the whole person.
Serve as the voice of Medallia’s customers for security and compliance
Lead the development of proactive customer-facing security assurance content that details Medallia’s comprehensive security program and capabilities
Own and maintain security documentation portal and associated processes to enable scalable, consistent distribution of content to prospects and customers
Serve as the primary point of contact for responding to and leading meetings of on-going customer security diligence, questionnaires and audits
Do everything with an eye towards developing, automating, and improving process effectiveness and efficiency
Maintain knowledge base of security and compliance content and work with internal stakeholders to ensure our customer assurance materials remain up to date
Develop metrics, reports, and communications for management on customer assurance program performance
Comfort working with tools built to assist in vendor management (e.g., Security Scorecard, OneTrust, BitSight, Panorays, GRC platforms such as Archer, ZenGRC, etc.)
Synthesize complex customer documents (MSAs, Security Addendums, etc.) into concrete requirements for Medallia Engineering, Legal and Finance teams
Partner with the Sales and Support organizations to provide security assurance in the Sales and Contract renewal process
Communicate directly with Medallia customers, prospects and other stakeholders to define, describe, or represent Medallia Security on behalf of the organization
Engage with Medallia’s Product Team to analyze customer security requirements and influence product roadmaps to steer security features for Medallia’s service.
3+ years experience in Compliance and/or Security
2+ years experience in customer-facing role
Exceptional ability to effectively communicate security topics to a variety of audiences, both written and verbal
Independent self-starter, ability to manage multiple projects simultaneously
Detail-oriented and organized, with good analytical and problem-solving skills
2+ years working and managing security/compliance questionnaires
Knowledge of regulatory compliance and related assessments/certifications including SOC 2, HIPAA, NIST CSF, PCI, HITRUST, GDPR, CCPA
Experience working with modern cloud Software as a Service (SaaS).
Certification in Security such as CISA, CISM, CISSP
At Medallia, we celebrate diversity and recognize the value it brings to our customers and employees. Medallia is proud to be an equal opportunity workplace and is an affirmative action employer. Equal opportunity is afforded to all qualified applicants and employees. We do not discriminate on the basis of gender identity or expression, race, ethnicity, religion, national origin, age, sex, marital status, physical or mental disability, Veteran status, sexual orientation, and any other protected category. We also consider all qualified applicants regardless of criminal histories, consistent with legal requirements.
Medallia is committed to working with and providing reasonable accommodation to applicants with disabilities in accordance with the American Disabilities Act and local disability laws.
For information regarding how Medallia collects and uses personal information, please review our Privacy Policies.