• Design, develop, and maintain internal controls in response to security and compliance goals: FedRAMP, SOC2, HIPAA, PCI-DSS, ISO27001, etc. • Perform security reviews and identify security gaps in architecture resulting in recommendations for inclusion in the risk mitigation strategy • Support tooling and automation that facilitate security and compliance related activities and lead to reducing the disruption of audit events • Lead planning, coordination and execution of 3rd party-risk assessments and audits • Develop and maintain internal and external-facing security and compliance documentation • Work with product and engineering teams to maintain compliance baseline in Sumo Logic products • Work with internal teams to formulate processes in line with compliance and security controls, hold them accountable for following them, and manage throughout Risk Treatment and Remediation plans • Provide direction to management team on compliance goals and statuses • Drive periodic reviews, updates, and maintenance of compliance items • Interface with external auditors and be a primary point of contact for audits • Participate in maintenance of standard security and compliance collateral for marketing and sales activities