Senior Analyst, Information Security Risk and Compliance

About Us

With electric vehicles expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint (NYSE: CHPT) is at the center of this revolution, powering one of the world’s leading EV charging networks and a comprehensive set of hardware, software and mobile solutions for every charging need across North America and Europe. We bring together drivers, businesses, automakers, policymakers, utilities and other stakeholders to make e-mobility a global reality.

Since our founding in 2007, ChargePoint has focused solely on making the transition to electric easy for businesses, fleets and drivers. ChargePoint offers a once-in-a-lifetime opportunity to create an all-electric future and a trillion-dollar market.

At ChargePoint, we foster a positive and productive work environment by committing to live our values of Be Courageous, Charge Together, Love our Customers, Operate with Openness, and Relentlessly Pursue Awesome. These values guide how we show up every day, align, and work together to build a brighter future for all of us.

Join the team that is building the EV charging industry and make your mark on how people and goods will get everywhere they need to go, in any context, for generations to come.

Discover what it’s like to help build the fueling network of the future - check out our Engineering Blog.

Reports To

Manager, Security Risk and Compliance

What You Will Be Doing

ChargePoint is looking for Risk and Compliance Analyst who will help build our security risk framework and provide governance and risk management oversight; establish and manage our security policy framework and relevant standards; oversee applicable security, privacy, contractual and compliance requirements through controls definition, assessment, and process oversight.

Analyst will support different risk and compliance initiatives part of our risk and compliance program within the Information Security team. This position will also focus on scoping and evaluation of general and application IT controls. The Senior Analyst will be responsible for managing and executing various aspects of the program including IT scoping, delivery of the program, and reporting of results. The IT SOX Analyst will work closely with global team, and our auditors. Requirements for this position include extensive knowledge of IT general and application controls, strong understanding of IT control frameworks (e.g., COBIT, NIST Cybersecurity, NIST SP 800-53, CIS/SANS Top 20), COSO and US GAAP, as well as the demonstrated ability to monitor an effective global risk-based IT control environment.

What You Will Bring to ChargePoint

• Introduce innovative, differentiating cybersecurity capabilities that enhance our overall competitive advantage and align risk strategies with business priorities
• Program execution dealing with audits, compliance checks and external assessment processes for internal/external auditors, ISO 270001, PCI, SOC2, NIST 800-53, GDPR and third-party vendors
• Define and implement a third-party risk management program. Audit third parties / vendors on an on-going basis based on the defined framework
• Work with other teams like Engineering, H.R. etc. to gather artefacts and perform audits on an on-going basis
• Support the execution of various SOX program components, including IT scoping, IT risk assessment, training of stakeholders on IT control-related best practices, IT control testing and review, remediation recommendations, deficiency evaluations and reporting
• Assess and determine design effectiveness of internal controls . Experience with different cloud environments and technologies like AWS, Linux, others
• Partner with various business owners and IT teams including technology compliance, operations, development, and application support to provide expertise in assessing the design and effectiveness of IT controls
• Liaise with finance, IT stakeholders and auditors (both internal and external)
• Demonstrate the ability to exercise judgment and display a high standard of ethics and professionalism
• Demonstrate exceptional communications skills, both written and verbal, with the ability to understand complexities of the business

Requirements

• 4+ years of experience performing or leading GRC activities or programs to support compliance efforts
• Excellent oral and written communication and interpersonal skills with emphasis on building strong, longer-term relationships worldwide across different geographies and functions
• Detail oriented, self-motivated with the ability to meet project deadlines and deliverables in a fast-paced environment
• Prior experience with security policy, standards, and controls definition across multiple compliance frameworks (PCI, SOC2, ISO, etc.)
• Experience performing third party cybersecurity assessments
• Experience with GRC platforms, reporting tools and presenting compliance reports to senior stakeholders
• Experience implementation security training and awareness initiatives to educate stakeholders regarding security risks
• Maintain a common controls framework that aligns with applicable security standards and regulations
• Develop and maintain security documentation including policies, procedures, and security white papers
• Has a strong understanding of IT control concepts and framework such as COBIT, NIST Cybersecurity, NIST SP 800-53, CIS/SANS Top 20, Sarbanes Oxley, COSO, and leading business practices
• Security and audit certifications like CISA, CISSP, others are a plus but not mandatory.

Location

Gurgaon - India or Remote 

ChargePoint is committed to fair and equitable compensation practices.

The targeted US salary range for roles at this operating level is $ to $. This range represents base salary and does not reflect equity, benefits or variable pay where applicable. Actual base salaries are based on several factors unique to each candidate, including but not limited to skill set, experience, certifications and specific work location.

We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.

If there is a match between your experiences/skills and the Company needs, we will contact you directly.

ChargePoint is an equal opportunity employer. 
Applicants only - Recruiting agencies do not contact.