Security Policy Manager

Slack is a messaging app for teams that is on a mission to make your working life simpler, more pleasant, and more productive. We believe everyone deserves to work in a welcoming, respectful, and empathetic culture. We live by our values and hire accordingly.

Our Security teams support the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security, and strive to ensure we provide low friction high-impact security across everything we do. As a member of the Security Policy Team, you understand that building user trust is critical to Slack’s success. You are passionate about privacy and maintaining customer confidence. You get excited about learning new legal policy frameworks, building processes to address new regulatory and compliance requirements, and jump at the change to use your technical knowledge to answer customer questions. Your work directly impacts the way millions of users, teams and businesses get things done.

* Develop various regulatory and compliance attestation and/or certification programs * Develop and raise awareness of internal security policies and practices * Work with the Accounts and Customer Experience teams to translate and transform informal practices into attestable practices and policies * Support customer inquiries about Slack’s compliance and regulatory programs * Assist enterprise customers in navigating complex security, privacy, and compliance issues * Partner with legal counterparts in all aspects of your work * Develop and organize internal security, compliance, and policy resources (e.g., policy documentation, tools, protocols)

* Extensive professional experience in addressing technical policy, compliance and regulatory issues * Experience participating in or conducting technical assessments of compliance programs (e.g.: SOC 2, FedRAMP, ISO 27001, etc.) * Ability to work independently, communicating across multiple time zones * Experience working with a broad array of cross-functional stakeholders * Excellent communicator with great interpersonal and presentation skills, as well as the ability to write well and translate complex issues into simple language that people who are not experts can understand * Experience interacting directly with both enterprise and small business customers