Security & Compliance Specialist

Workshop is looking for a driven Security & Compliance Specialist to own our current and future compliance frameworks and collaborate with stakeholders to make sure we are upholding our high level of security and risk management.

This is an exciting opportunity for someone with 2-5 years of experience to be part of an exciting software-as-a-service (SaaS) business here in Omaha, Nebraska.

As a Security & Compliance Specialist, you will:

• Own and manage our existing compliance frameworks, including SOC 2 and GDPR.
• Lead our initiative to obtain further compliance certifications such as ISO27001, coordinating all necessary audits, documentation, and risk assessments.
• Collaborate with revenue teams to manage inbound customer vendor and security questionnaires and incorporate prospective security conversations into future compliance & security roadmaps.
• Collaborate with internal stakeholders and legal counsel to maintain and update MSAs, terms of service, privacy policies, and acceptable use policies.
• Develop, implement, and manage comprehensive third-party vendor vetting and approval processes.
• Partner with our product and engineering teams to validate, schedule, and document disaster recovery and security tests.
• Implement rigorous tracking and management processes for vendor access and user controls across internal and external platforms, collaborating closely with business stakeholders and IT.

To be successful in this position, you’ll need to:

• Have proven experience managing compliance frameworks, especially SOC 2, GDPR, and ISO 27001.
• Demonstrate strong project management skills with a clear ability to coordinate cross-functionally across legal, product, engineering, and IT teams.
• Possess excellent written and verbal communication skills, translating complex security and compliance requirements clearly across teams.
• Have experience developing and maintaining compliance policies and documentation.
• Be proactive in identifying risks and developing robust security practices that align with business goals.

Bonus points if you:

• Have hands-on experience with disaster recovery planning and testing.
• Have managed relationships with external auditors and vendors.
• Have direct experience working with cloud based hosting environments such as AWS and identity management tools such as Okta.
• Are familiar with compliance management software and access control systems.
• Enjoy working in fast-paced startup environments.

Compensation and benefits:

• Highly competitive compensation
• Healthcare
• Stock options
• 401k
• Unlimited vacation
• Flexible work environment

About Workshop

Workshop is a fast growing, venture-backed startup based in Omaha, Nebraska and we’re on a mission to create more happy Mondays for employees everywhere. We build software to help internal communications teams create, send, and measure multi-channel, employee-centric campaigns.