Senior Compliance Program Manager
About the role
Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership, and accountability. We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential.
What You’ll Do (Role Expectations)
- Own and manage end-to-end Commercial Security compliance audit programs — including SOC 2, ISO, and PCI DSS — from planning through certification, ensuring timely delivery that meets customer expectations
- Serve as the primary program owner driving audit readiness, evidence collection, and cross-functional coordination with internal teams and external auditors
- Proactively manage timelines, milestones, and stakeholder commitments while continuously monitoring evolving regulatory requirements to keep programs current, effective, and aligned with the organization's risk posture
Who You Are (Success Profile)
- Thrive in ambiguity, maintaining high comfort levels when navigating dynamic environments and using fluid situations as the raw material to build meaningful solutions
- Act like an owner, driven by a strong passion for the mission and a bias for action that allows you to transition seamlessly between high-level strategy and hands-on execution
- Be a high-trust collaborator who actively participates in a challenge culture, giving and receiving candid feedback with clarity and respect to build organizational trust
- Be customer-obsessed, establishing deep empathy for both internal and external stakeholders while anchoring all core decisions in solving real-world problems
- Operate with urgency, executing tasks with a relentless focus on delivering high-quality, impactful results rapidly to win for both the customer and the team
What We’re Looking For (Minimum Qualifications)
- Demonstrated curiosity and active exploration of AI tools, with a proven history of integrating new technologies to enhance daily workflows and augment problem-solving
- 10+ years of direct experience in security compliance, audit management, or risk assessment within a SaaS or cloud-based enterprise environment
- Demonstrated ability to manage complex, multi-stakeholder audits, ensuring clear communication between technical engineering teams and customer compliance officers
- Deep understanding of global security frameworks (e.g., SOC2, ISO 27001, GDPR) and experience mapping these controls to business requirements
- Proven leadership experience in a customer-facing capacity, capable of influencing senior-level stakeholders and resolving high-pressure compliance escalations
What Will Make You Stand Out (Preferred Qualifications)
- Experience leveraging AI-powered GRC platforms or automation tools to streamline audit evidence collection, reduce manual effort, and improve response accuracy
- Advanced professional certifications such as CISA, CISSP, or CISM, demonstrating deep expertise in security governance
- Prior experience designing and maturing audit readiness programs in a hyper-growth SaaS organization, specifically scaling processes to manage increasing request volumes without compromising quality