Director, Risk and Audit

About Platform.sh

The Platform.sh Platform-as-a-Service (PaaS) removes the complexities of cloud infrastructure management and optimizes development-to-production workflows, reducing the time it takes to build and deploy applications. Delivering efficiency, reliability, and security, giving development teams both control and peace of mind. Built for developers, by developers.

Adopted and loved by 16,000+ developers, 7,000 customers, and proven over the last 8 years — Platform.sh provides out-of-the-box capabilities that serve as the launchpad for creative development teams’ out-of-the-box thinking. 

We provide 24x7 support, managed cloud infrastructure, and automated security and compliance with an all-in-one PaaS. We give our customers complete control over their data by keeping applications secure and available around the clock.

Platformers are a remote, global workforce, and we thrive in a multicultural team. We are committed to open source and an open, welcoming environment. Our team spans the globe and the experience spectrum.

What's our commonality, our cultural fabric? A curious spirit and a thirst for knowledge; an eagerness for innovative ideas and cultures. We believe we can build anything together in an environment that frees you to do your best work.

Bring your expertise and enthusiasm to our growing, global organization. Your contributions, collaboration, and unique point of view are recognized and valued here. 

Position summary

Platform.sh is actively searching for a Director of Risk and Audit who will play a pivotal role in developing and executing strategies that align seamlessly with our company's objectives. This individual will strategically lead our risk and audit team, ensuring that they are equipped with the right priorities, unwavering support, and expert technical guidance to deliver top-tier risk and audit outcomes. As the driving force in our compliance journey, you will navigate external standards with finesse. This opportunity is more than just a job—it's a chance for you to lead, innovate, and leave a lasting impact.

What you can expect 

Leadership and Strategy:

• Lead governance, risk, audit, and compliance for a global company and team.

• Set goals, establish priorities, provide guidance and support to risk and audit teams.

• Manage budgets, resources, and partnerships with partners and vendors.

• Promote a culture of continuous improvement and innovation.

Risk Management and Compliance:

• Execute risk mitigation plans from risk analysis.

• Ensure effective security training and compliance.

• Document cybersecurity requirements and control ownership.

• Develop training programs for regulatory compliance, lead risk assessments and regulatory audits, develop remediation plans, and monitor compliance effectiveness.

Technical Contributions and Expertise:

• Provide technical leadership.

• Understand global security standards, implement policies.

• Drive potential ISO 27001 / EUCS compliance.

• Partner with our People team for employee management and training.

What you bring 

• Proven ability to lead global teams, coupled with strong leadership, analytical, and organizational skills.

• Creative and collaborative problem-solving ability, exercising sound judgment and maintaining a proactive, results-oriented, and self-driven approach.  

• Skills and Leadership Experience:

  • Strong verbal and written communication skills for diverse audiences.

  • In-depth knowledge of information risk concepts and related business needs.

  • Demonstrated leadership in matrixed and agile environments, and cross-functional teams.

• Certifications and Audits:

  • Desired certifications for this role include CISSP, CISM, CRISC, CISA, CCSP, CMRA, or similar.

  • Familiarity with legal and regulatory requirements: PCI DSS, SOC 2, HIPAA, ISO 27001, GDPR.

• 10+ years of impact in Risk Management 

This is a remote job. Work from the Eastern Canada/Western Europe region!

We’re a worldwide, distributed team looking for the best talent. Our remote model has been in practice and thriving since 2014. To us, remote work means flexibility and having truly diverse, global teams. 

*To maximize team collaboration with product, design and engineering teams, this role is preferred in the Americas and Europe/Africa in time zones ranging from UTC-7 to UTC+2.  

Company perks and benefits 

• An innovative product you can believe in. We’re sustainably changing the way companies develop and manage their web applications

• We’re voted as A Best Place to Work by 96% of our employees, Forbes Top 30 Companies for Remote Jobs, and in France Best Workplaces for Women

• Hands on leadership that cares in a flexible, open work environment, where your voice is encouraged. We can always find ways to do better and look forward to hearing your ideas

• A global team, rich with culture and diversity

• Company-wide DE&I initiative that you can be a part of

• Team offsites such as go-to-market teams kick-off, local meets, Exco offsites, marketing sponsored events, etc

• A Wellness stipend and a Professional development budget

• Office equipment budget

• Fair PTO (standards based on location)

• Inclusive parental leave (timeline based on location)

• Healthcare, dental, and vision (US, CA, UK, and FR employees only)

• Tandem – a pool of linguists from around the world willing to help each other work on learning new languages

• Company shares (discretionary)

• Unlimited Platform.sh accounts

How we hire

We know that a great hire won’t meet every requirement that we’ve outlined. If you can see yourself elevating the team, we want to hear your story. Few of us would be here had we not taken a chance.   

You can expect 5 interviews on Google Meet. You will have the opportunity to meet with a variety of Platformers throughout the interview process. Our goal is to ensure you can make the most informed decision on whether our culture aligns with what you’re looking for in your future working environment. 

All roles require background checks.