Listing Description

Working at Thoropass

Thoropass makes it as easy to do the right thing as it is to check a box. Our team members believe that partnership lightens the load. Not everyone can be an expert at everything – lending each other support in areas of weakness strengthens everyone’s offering. We collaborate openly and enthusiastically, without ego. Thoropass makes it as easy to do the right thing as it is to check a box.

What We Do

At Thoropass, we’re compliance experts, so you don’t have to be. Pairing easy software that’s always getting smarter with expert guidance and continuous monitoring, we integrate into your process to prepare you to pass any audit every year with flying colors. Hundreds of growing companies use Thoropass’s compliance automation platform, expert services, auditors, and partner ecosystem to get and stay compliant over the lifetime of their business. We offer SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, and other InfoSec and privacy frameworks.

We are a rapidly expanding team based in New York. We were founded in May 2019 and raised our Series C funding in November 2022. Our top investors include J.P. Morgan, PayPal Ventures, Fin Capital, Centana, and Bain Capital. We're growing customers and revenue dramatically, and we’re poised for continued break-out growth in 2023 and beyond.

About the Role

Thoropass is looking for a dynamic and enthusiastic Security & Compliance Sales Engineer to join our Growth team in New York City. Thoropass is a new approach to Information Security and Privacy Compliance, combining automation and expert advice and guidance. 

• Are you scrappy, resourceful, reliable, and a creative problem solver?


• Are you highly organized and detail-oriented with a strong bias towards getting things done?


• Do you have excellent communication skills and get energy from interfacing with other organizations in pursuit of their compliance objectives?


• Are you excited to channel your InfoSec expertise into strategizing with sales to win deals and drive revenue growth?


• Are you an advocate of continuous improvement and questioning the status quo?

In this role, you will be responsible for supporting the sales process by providing business and technical expertise and acting as a trusted advisor to clients and prospects in the information security, privacy, risk, and compliance space. The ideal candidate has a strong background in security and privacy frameworks such as SOC2, ISO 27001, and GDPR, and possesses excellent communication and problem-solving skills.

About You

You are knowledgeable in security and privacy frameworks, controls, and audit techniques but want to change how compliance is implemented and maintained. You have a fundamental understanding of Governance Risk and Compliance (GRC) tools, techniques, and processes. You have a buyer's mindset and can fluidly balance business and technology requirements with security and privacy requirements.  You understand how to balance security and privacy risks and keep a business operational and successful.  You’re an innovator motivated to improve the client experience by easing compliance-related operational burdens and producing transparency across the security landscape. You excel at working cross-organization to support and guide on various security and privacy topics. You are excited about the opportunity to work with passionate and innovative customers and are up for the challenge of helping them weave security and compliance into the culture and technology of their business at all stages.

Key Responsibilities

• Collaborate and consult with the sales team to understand customer needs and develop effective sales strategies and talk tracks.


• Interface with all levels of business and technology leaders in the buying cycle to showcase Thoropass differentiators.


• Conduct technical presentations and product demonstrations to potential clients and partners, showcasing the value and benefits of our platform, including information security and compliance solutions.


• Assist in preparing and delivering proposals, RFP responses, and other customer-facing materials.


• Act as a subject matter expert on security frameworks, including SOC2, ISO 27001, HIPAA, HITRUST, GDPR, CCPA, and other relevant compliance standards.


• Conduct on the fly risk assessments and gap analyses against industry best practices to identify potential security, privacy, and compliance gaps, and potential solutions for prospects.


• Provide guidance and recommendations on security and privacy controls, policies, and procedures to address client requirements.


• Collaborate with internal teams, including product management, engineering, and customer success, to ensure alignment between customer needs and product offerings.


• Stay up-to-date with industry trends, emerging technologies, and best practices in information security, privacy, risk, and compliance.

Key Skillsets / Knowledge Requirements

• Understanding of IT/business risk, GRC, security, and privacy  principles and requirements


• 3-7+ plus years of relevant experience


• Bachelor's degree in Computer Science, Information Systems, or a related field.


• Solid understanding of information security concepts, principles, and practices.


• Experience working with security frameworks such as SOC2, ISO 27001, HIPAA, or other compliance standards.


• Excellent communication and presentation skills, with the ability to articulate complex technical and business concepts to both technical and non-technical audiences.


• Strong problem-solving and evaluative skills along with solid organizational skills and appropriate attention to detail


• Will power to engage and manage customers


• Ability to work collaboratively and cross-organization in a fast-paced, team-oriented environment.


• Relevant certifications such as CISSP, CISM, CRISC, or other industry-recognized certifications or equivalent experience.


• Proven experience in a customer-facing technical role, preferably in a sales engineering capacity.


• Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and security technologies (e.g., SIEM, IDS/IPS, DLP) is a plus.

Compensation:

• The base salary range for this position is  $130,000 - $150,000 + a 20% variable


• Immediate access to health, dental, and vision care


• Early equity in a fast-growing company


• Hybrid work-from-home model


• Unlimited PTO


• Stipend for home office equipment


• Monthly wellness stipend