Our Security Assurance department is in the business of trust, transparency, and advisory. We aim to prove to others and ourselves that we are trustworthy and do what we say. We deliver on this by aligning missions across four core programs: Supply Chain Risk Management, Privacy Operations, Security GRC, and Customer Trust & Security. As a result, we have a team of intelligent, dedicated, and highly collaborative SMEs responsible for building and maintaining well-defined solutions that help grow our business across security-driven industries and regions.
To support our growth and ambitious vision, we embrace agile principles and values, share openly, apply context-driven security mechanisms, default to action, and have an OSS-first mindset.
The Senior Field Security Specialist will define, implement, and maintain programs that build stakeholder trust in how we do security at Grafana and support internal improvements to our security and privacy program. In this role, the candidate will influence Grafana’s largest customers around the globe and, through their expertise, increase assurance and influence C-level executives to select Grafana Cloud and/or Enterprise as their trusted platform of choice.
As an expert on Grafana’s products and security capabilities, the successful candidate will work closely with the sales, product management, and engineering teams to help develop the product security strategy in close collaboration with the CISO and the Director of Security Assurance. The individual will support the sales teams in handling complex security objections in sales, advise marketing on security resonant media, and liaison with product management and information security as the voice-of-the-customer for security product and compliance enhancements.
This position is an Individual Contributor (IC) role reporting to the Director of Security Assurance.
A successful candidate in this role would be able to:
Serve as a security and privacy expert to ensure that Grafana’s Go-to-Market (GTM) Team is supported in pre-sales and post-sales efforts, contributing to closing new deals and driving customer retention, with deep knowledge of Grafana products, including open source, Grafana Cloud, Grafana Enterprise, and our third-party plugins.
Accelerate the ‘trust’ curve in relationships with customers and prospects with the goal of increasing win rate, shortening sales cycles, and driving more significant deals while working cross-functionally with the CISO, Legal, Security Assurance, Compliance, Solutions Engineering, Marketing, Sales, and Product Strategy teams.
Support our Sales team with security, compliance, product knowledge, objection handling in customer meetings, and security questionnaires or self-serve via the Trust Portal.
Effectively maintain an active pulse on Grafana’s customers’ problems and needs to inform our product & security strategy, closing a critical feedback loop for both feature and attestation requests from customers across multiple regions and industries.
Create market awareness, along with the CISO, to increase opportunity identification and deal velocity through thought leadership events and content that promotes Grafana as a trusted partner.
Partner across the organization to ensure valuable and impactful security content is developed for Grafana customers and our open-source community.
Identify, design, and implement process improvement initiatives to ensure scalability, allowing us to work smart and reduce repetitive tasks for customers and internal teams.
You should know a lot about:
Developing software in an open-source environment.
Information security frameworks and standards (SOC 2, ISO 27001, ISO 27018, ISO 27017, ISO 22301, CISv8, CSA STAR and TISAX).
Applicable privacy regulations and frameworks (GDPR, CPRA/CCPA, CSA CoC for GDPR, Privacy Shield, SCCs, ISO 27701).
Highly regulated industries (Banking, Payment Processing, Public Sector).
Computing systems and principles, particularly around the delivery of cloud-hosted services.
Corporate IT security operations, technology trends, and current cyber threat landscape.
Security logging and compliance observability.
GTM teams and designing solutions for security and privacy customer requirements.
Effective writing, management and communication of knowledge base resources, whitepapers and blogs.
You should be able to demonstrate the following:
Passion for understanding our customers, open source community, products, culture, and business model.
A strong desire to learn in a rapidly growing and dynamic startup environment.
Ability to work closely with end users in a consulting or support capability.
Excellent written and verbal communication skills.
Good interpersonal skills and capabilities to build long-term business relationships.
BS/MS degree in engineering, computer science, or information security.
CISSP and/or other cloud security solutions certifications are a plus.