Who we are
Our mission at Sourcegraph is to make it so that everyone can code, not just ~0.1% of the population. We help developers and companies with billions of lines of code create the software you use every day. In enabling more people to code, we believe we will create economic opportunity across the world and will drive progress that benefits everyone.
It’s an exciting time to join Sourcegraph. Our company is growing rapidly: we’ve experienced 4x year-over-year revenue growth and our recent $125M Series D from Andreessen Horowitz and $50M Series C from Sequoia have given us the opportunity to make big ambitious bets on our future. We have a huge market (every company that builds software) and massive opportunity (most developers haven’t even heard of code search yet, but once you’ve used it, you can’t live without it–just like Google web search). By continuing to hire exceptional people, we have the opportunity to make Sourcegraph one of the biggest technology companies in the world.
Why this job is exciting
As our ambitious Compliance Project Manager, you will build and cultivate positive relationships across departments while spearheading our compliance efforts and risk management programs. You will be our subject matter expert in national and global compliance standards – researching, developing, writing, and updating policies that align with various compliance and security objectives. While we are currently in the process of preparing for SOC2, this is just the tip of the iceberg, as we have ISO 27001, GDPR, HIPAA, HITRUST, FedRAMP, and others that will be coming up quickly.
Within one month:
- You will start building a trusting relationship with Security, Engineering, IT, Legal, HR, and Sales to build an understanding of the current and desired compliance efforts
- You will understand the what, why, and how of the existing compliance projects, how they contribute to our company goals, as well as current status, risks, and mitigations.
Within three months:
- You will have taken project management responsibility for the ongoing compliance efforts
- You will build out a roadmap that addresses upcoming compliance changes that may impact Sourcegraph
- You have assisted with completing security questionnaires from customers and answering customer questions with respect to compliance and have worked with the marketing team to create customer collateral aiding in the sales process
Within six months:
- You will celebrate the fact that your org has delivered a successful audit
- You maintain and update ISMS documentation and processes and are executing an internal communication plan
- You have been able to recognize, analyze, organize, and document deficiencies and articulate those deficiencies to both technical and non-technical teammates
You have worked cross-functionally on large projects, using project management principles to provide direction to project teams and delivering a successful internal/external third-party audit. You are strongly aligned with our values, inspired by our mission to make it so that everyone can code, and motivated to do your best work at Sourcegraph.
- 3-5 years of experience in a Project Management role, preferably in IT compliance or technical engineering
- Have excellent interpersonal skills and can articulate a compelling vision
- Experience using a risk-based audit approach in evaluations of and recommendations for management processes
Nice to haves:
- Prior privacy and compliance experience with knowledge of regulations such as FIPS, PCI, Common Criteria, SOC, FISMA, or ISO
- Information Security Certification(s): Project Management Professional (PMP); Certified Information Systems Auditor (CISA); Certified Information Systems Security Professional (CISSP) a plus
Interview process [~5 hour total interview]
- You apply.
- [30 min] Recruiter screen
- [30 min] Hiring Manager screen
- Assignment (if applicable)
- In-depth Interview stage:
- [1 hr] Assignment review/working session, if applicable
- [45 min] Technical interview
- [30-45 min] Cross-functional interview
- [30 min] Values interview
- [30 min] Department head interview
- Any other informal conversations with people who you would be working closely with but didn’t get to meet during the interview process.
- We check references & make you an offer
Not sure if this is you?
We want a diverse, global team, with a broad range of experience and perspectives. If you don’t meet 100% of the above qualifications, you should still seriously consider applying. Studies show that you can still be considered for a role if you meet just 50% of the role’s requirements. We carefully consider every application, and will either move forward with you, find another team that might be a better fit, keep in touch for future opportunities, or thank you for your time.
Learn more about us
To create a product that serves the needs of all developers, we are building a diverse all-remote team that is distributed across the world. Sourcegraph is an equal opportunity workplace; we welcome people from all backgrounds and communities.
Learn more about what it is like to work at Sourcegraph by reading our handbook.
We want to ensure Sourcegraph is an environment that suits your working style and empowers you to do your best work, so we are eager to answer any questions that you have about us at any point in the interview process.
Go back to the careers page for all open positions.