Own US customer trust operations: Manage intake, triage, prioritization, and completion of customer security questionnaires, vendor risk assessments, and RFIs for US-based customers.
Respond to customer security inquiries with technical depth: Complete questionnaires accurately, respond to RFIs, and address customer security concerns with responses that demonstrate understanding of Smartsheet's architecture and security controls.
Manage questionnaire queue and ensure SLA compliance: Maintain visibility into pending assessments, track completion timelines, and escalate delays. Keep customers informed of progress and manage expectations.
Build customer relationships and provide security assurance: Become a trusted resource for customer security teams. Understand their compliance requirements, ask clarifying questions, and provide responses that build confidence in Smartsheet's controls.
Support US sales teams: Work with sales and customer success teams to remove security-related deal blockers, provide compliance assurance materials, and accelerate customer buying cycles.
Escalate and collaborate on complex assessments: Identify questions requiring specialized expertise (AI security, FedRAMP, HIPAA, specific control implementations) and escalate appropriately. Work cross-functionally to gather evidence and provide comprehensive responses.
Understand industry-specific compliance: Respond to questions about HIPAA, NIST, state privacy laws (CCPA, etc.), PCI DSS, and sector-specific requirements relevant to customer industries.
Drive process improvements: Identify opportunities to improve questionnaire completion efficiency, update response templates, and recommend changes that benefit the team and customer experience.
You Have
5+ years of experience in customer trust, vendor risk, security assessment, or customer-facing security engineering roles at SaaS or cloud platform companies.
A degree in Computer Science, Computer Engineering, Cybersecurity or a related field or equivalent practical experience.
Proven track record completing customer security questionnaires, vendor assessments, and conducting security RFI responses.
Working knowledge of GRC frameworks and standards: Familiarity with SOC 2, ISO 27001, NIST frameworks, HIPAA, and compliance assessment practices.
Strong technical security foundation: Understanding of cloud architecture (AWS, GCP, Azure), application security, access controls, encryption, logging, incident response, and data protection sufficient to answer technical questions credibly.
Excellent written and verbal communication: Ability to explain complex security topics clearly to both technical and non-technical audiences. Skill in adapting communication style for different customers and contexts.
Queue management and SLA discipline: Comfort with ticketing systems, managing multiple concurrent requests, tracking dependencies, and prioritizing work.
Collaborative mindset and cross-functional teamwork: Ability to work effectively with sales, customer success, product security, and engineering teams. Strong at seeking help when needed and escalating appropriately.