Customer Trust Specialist

Docker is a remote first company with employees across Europe and the Americas that simplifies the lives of developers who are making world-changing apps.  We raised our Series C funding in March 2022 for $105M at a $2.1B valuation. We continued to see exponential revenue growth last year.  Join us for a whale of a ride!

The Customer Risk & Trust Analyst will report to the Sr. Manager, Information Security, Risk and Trust.  This role will be responsible for assisting Sales and Customer Success teams in managing customer security questionnaires, questions and contract negotiations.  This role will collaborate heavily with the Governance, Risk & Compliance team, Security Engineering and Engineering teams to learn the inner workings of Docker’s security and compliance processes.  The analyst will also identify areas where Docker can improve security and compliance related communications and identify security product concerns / features that customers request during the sales and renewal process.  This role is customer facing and will serve as a trusted advisor internally and externally for all matters related to customer trust.

Responsibilities:

• Help Docker implement new RFP system, focusing on the customer security questionnaire database

• Review customer security questionnaires to ensure that the tool has appropriately matched answered questions within our database to customer questions.

• Responsible for maintaining Docker’s customer question database, including performing a periodic review with relevant stakeholders.

• Help create and maintain Docker’s Customer Trust website which will house various security, compliance and privacy related materials

• Maintain Docker’s Whistic profile by updating security questionnaires, customer facing policies, and uploading the latest documentation (i.e. SOC 2 reports, penetration test results)

• Review customer contracts for security and compliance terms, suggest redlines, and work closely with Docker’s legal team to finalize negotiations. 

• Identify security related feature requests from customers and highlight those to the relevant product teams. 

• Highlight areas of customer risk identified during the sales and renewals process.

• Assist in building out a risk and compliance control framework based on industry leading standards. 

• Stay up to date on the latest cyber security best practices  

Qualifications:

• Experience communicating technical, security and privacy descriptions to external parties

• Experience with handling security questions as part of the RFP process

• Minimum 3 years of work experience in compliance, audit or related field 

• Bachelor’s degree in business, information systems, computer science, or relevant educational or professional experience

• Experience with information security principles/practices

• Experience with privacy principles/practices

• Experience with Loopio and Whistic is a plus

• Passionate about security, privacy, and compliance

• Self-motivated, quick learner, fast researcher

• Have experience with and are comfortable with a remote working environment

• Public Accounting/Big 4 Consulting Experience is a plus

• Technical information security experience

• Experience with AWS and cloud environments

• Industry relevant certifications such as CISSP, CISA, etc. is a plus  

• Experience with privacy regulations (GDPR, CCPA, etc.)

What to expect in the first 30 days

• Shadow Docker’s Compliance team, navigating the SOC 2 process and learning about Docker’s security environment

• Read materials on Docker’s Whistic profile to get up-to-date on current state

• Read Docker’s policies and procedures

• Read Docker’s security-related Notion pages

• Become familiar with Whistic and Loopio

• Forge relationships with Docker’s Sales and Customer Success team

• Begin reviewing and approving customer security questionnaires in the RFP tool

What to expect in the first 90 days

• Take over the update process for Docker’s security questionnaires 

• Set up a formalized process for updating other security and compliance related documents within Whistic

• Become familiar with Docker’s compliance monitoring platform to learn our control environment

• Shadow Docker’s Security Engineering team to learn practices

• Participate in customer calls to answer security and compliance questions

• Review customer contracts for security and compliance revisions and provide feedback to customers

What to expect in the first year

• Set up formalized processes for updating Docker’s customer facing security and compliance related content, communicate these processes with all stakeholders

• Set up formalized process for updating responses within Loopio

• Streamline processes within Customer Trust to be more self-service for both internal and external stakeholders

• Work on customer facing security and privacy content 

Perks:

• Freedom & flexibility; fit your work around your life

• Variety of virtual and in-person social events to build connections and have fun

• Home office setup; we want you comfortable while you work

• Generous maternity and parental leave

• Technology stipend equivalent to $100 net/month

• PTO plan that encourages you to take time to do the things you enjoy

• Whaleness Days: companywide day off each month

• Quarterly, company-wide hackathons

• Training stipend for conferences, courses and classes

• Stock Options; we are a growing start-up and want all employees to have a share in the success of the company

• Docker Swag

• Medical benefits, retirement and holidays vary by country

Docker embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

CA/NY/Boulder, CO/Denver, CO  $156,000 - $211,000 

Colorado  $148,000 - $201,000  

*salary range varies based on location and level

Due to the remote nature of this role, we are unable to provide visa sponsorship.