Cybersecurity Risk and Compliance Specialist

  • Full-time
  • Department: Infosec

Company Description

About Tradeshift

Tradeshift is the cloud-based supply chain platform that transforms the way B2B buyers and sellers connect, transact and trade. We’re a leader in e-invoicing and AP automation, offering tools for compliant e-invoicing in 50+ countries, including China. We’re also an innovator in B2B marketplaces and embedded fintech services that bring value, opportunity and growth to any business that joins the network. Tradeshift’s vision is to connect every company in the world, creating economic opportunity for all. Today, the Tradeshift platform is home to a rapidly growing community of buyers and sellers operating in more than 190 countries.

Vision: To connect every company in the world, creating economic opportunity for all.  

Mission: We build technologies that help companies grow by giving them access to cheaper capital, increased efficiency, and digital global trade. 

Tradeshift connects and empowers B2B commerce across global supply chains. We help B2B buyers and sellers grow together through technology that ensures every business has the access and tools they need to benefit fully from digital global trade. We’re a leader in e-invoicing and AP automation, offering full international compliance in 50+ countries including China. We’re also an innovator in B2B marketplaces and embedded fintech services that bring value, opportunity and growth to any business that joins the network.

Seller value sits at the core of our technology proposition, and suppliers have voted Tradeshift the most reliable network on the market. Our commitment to creating value for any business that joins the Tradeshift network means suppliers onboard faster and buyers achieve their digitization objectives quicker. We establish an average of 40,000 new seller connections to Tradeshift every month. 

Our open platform offers seamless integration with any application you need to manage your supplier relationships. Pick a partner capable of delivering across your entire digital transformation journey - Digitize, Automate, Grow. 

Tradeshift has grown to over 400 people with offices in 9 countries and a hybrid, virtual-first way of working, but our focus hasn’t wavered. We believe that nothing connects a fragmented world like commerce. We digitize and connect everything that happens between a buyer and a seller, anywhere in the world.

We help businesses:

  • Connect with all their suppliers digitally
  • Remove paper and manual processes across procure-to-pay
  • Buy what they need faster and manage supplier risk

Products:

  • B2B Marketplace Platform for E-Procurement
  • AP Automation
  • Supplier Collaboration & Analytics
  • Supplier Financing
  • Virtual Credit Cards
  • Professional Services

Platform & Network Stats

  • The Tradeshift network is approaching 120,000 transacting suppliers and 2.5 million connections
  • Buyers in 78 countries and Sellers in 97 
  • Process approximately 2,000,000 transactions per month
  • In excess of $20B transacted on the platform monthly
  • In July 2021, Tradeshift surpassed one trillion dollars in total value of transactions processed across its platform 

Job Description

Tradeshift is looking for a Cybersecurity Risk and Compliance Specialist within our security compliance team to work on a variety of challenges related to scaling security and compliance programs. Our dynamic security compliance group has their feet in both the compliance world as well as the technical side of things. We’re collaborating on the build and implementation of technical controls, mitigations, and coordinating across engineering teams to help them understand how compliance intersects with their own work.

You will become a member of a very skilled, international, cross-functional, and self-driven security organization that spans the planet. At Tradeshift, we are changing the way companies operate by building the largest business network in the world with over 1 trillion USD transacted so far. We’re looking for applicants that are passionate about security to join us on our journey and help solidify our security foundations.

What you’ll be doing:

  • Taking a risk-based approach to security compliance
  • Helping with defining and executing projects to assess and lower cybersecurity risk
  • Continually improving the internal security and data protection compliance program
  • Working across teams on both technical and process-based security initiatives
  • Building controls, training and policies where needed, ideally with automation in mind
  • Working with existing and new customers to answer security-related questions
  • Assisting with security incident detection and response

What you’ll be doing in the first 6 months:

  • Helping with existing security initiatives, and taking part in rolling out new ones
  • Participating in PCI, and SOC 1 and 2 audits
  • Working across teams on security and compliance initiatives
  • Evaluating control compliance by partnering with engineering teams and assessing systems hands-on
  • Defining and acting on control requirements and implementation schedules
  • Documenting and centralizing controls, policies and training details
  • Reviewing and commenting on operational business for continued risk reduction

Qualifications

Education, certification and work experience we’re looking for:

  • Familiarity with security standards - PCI / SOC 1 & 2 / ISO 27001 / NIST CSF
  • Experience with cloud native environments - AWS a plus
  • Theoretical and practical knowledge around securing systems
  • Experience in a technical security/compliance role 
  • Solid grasp of Linux fundamentals
  • Experience both auditing and engineering is a big plus