About UsAt Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today the company runs one of the world's largest networks that powers approximately 25 million Internet properties, for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine's Top Company Cultures list and ranked among the World's Most Innovative Companies by Fast Company.We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! The TeamSecurity Compliance is seen as a critical business function at Cloudflare. Compliance certifications allow our customers to be confident in the security and privacy of our products, while also providing frameworks for well-tuned information security management systems and programs. These standards provide clarity to Cloudflare's teams on how to incorporate security principles in the management of systems, the development of products, and the expansion of our business footprint. The Security Compliance team also works with the Legal team to implement Cloudflare's security regulatory obligations, including working closely with cybersecurity regulators around the world.This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. You will join as a member of the Security and Privacy Validations Team. This team is part of GRC and is part of the greater Security Team.We guarantee that you will be challenged and have room for growth on our team! What you'll do Work cross-functionally with Legal, Public Policy, and the broader Security team to build and mature Cloudflare's Security Regulatory Compliance program in the APJC regionImplement security and privacy compliance requirements across the organization to meet regulatory compliance standardsAdvise security teams on new and upcoming regulatory directives in security and privacy compliance.Assist in the development and maintenance of security and privacy compliance validations including: Conducting organizational gap assessments and provide technical guidance on remediation of the issues identifiedMaintaining and improving Cloudflare's Common Control Framework to align with applicable regulations Provide input into the overall security and privacy compliance strategy Examples of desirable skills, knowledge and experience At least 3 years working in Security Compliance, Privacy Compliance, regulatory compliance, or a similar fieldAbility to analyze security and privacy directives or regulations across countries and industriesWorking understanding of cybersecurity and privacy regulations (e.g. Australia's Security of Critical Infrastructure and Privacy Acts; Japan's Act on the Protection of Personal Information and andBasic Act on Cybersecurity; South Korea's Personal Information Protection and Network Acts; Singapore's Cybersecurity Act and Personal Data Protection Act)Experience with cloud security architectures and technologiesAbility to work efficiently and independently in a fast-paced, innovative environmentAbility to work closely with auditors, regulators, and internal stakeholders and articulate technical conceptsAbility to speak Korean is a plusExperience working with one or more security or privacy standards, frameworks, or certifications such as ISO 27001,NIST 800-53, ISMAP, IRAP is a plusExperience in auditing of network, operating system, and application security is a plusSome travel may be required to engage with regulators, auditors, or to engage with Cloudflare stakeholders in our San Francisco or other global Cloudflare locations
