IT Security Analyst
Remote, United States
Full Time Entry-level / Junior USD 85K - 110K
Wpromote
Wpromote is a leading full-service digital marketing agency delivering results for clients with an agile, outcome-first approach and deep business intelligence.Wpromote seeks a highly motivated IT Security Analyst to enhance our security posture. This role will collaborate with our security vendors to achieve SOC 2 compliance and advance our CIS CSC controls. Working alongside our IT Operations and Infrastructure team, you will develop scalable security and data protection processes. This position will play a key role in all security evaluations conducted by potential and existing clients. The ideal candidate possesses experience in SOC 2 audits, application security best practices, penetration test remediations, and security program assessments. A background in security auditing and documentation based on security standards is highly desirable.
At Wpromote, we believe that great work is only possible with great people. Our goal is to build a better, more inclusive work environment and support our people at every stage of their careers by prioritizing a strong work-life balance through our policies and benefits listed below. As a Best Place to Work according to both Ad Age and Glassdoor and Adweek’s Fastest Growing Digital Agency, we are moving fast to expand our teams and bring new experts into the fold to keep pushing the boundaries of what’s possible in marketing.
We offer:-Remote-first culture-Unlimited PTO-Extended Holiday break (Winter)-Flexible schedules-Work from anywhere options*-100% paid parental leave-401(k) matching-Medical, Dental, Vision, Life, Pet Insurance-Sponsored life insurance-Short Term Disability insurance and additional voluntary insurance-Annual Class Pass credits and more! The anticipated annual salary for this role will range from $85,000 - $110,000, based on consideration of a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, education and certifications, competitive benchmarks, scope of responsibility, market dynamics, geographic location, and respective state’s salary threshold for exempt employees. At Wpromote, pay ranges are subject to change and are based on specific market medians for similar jobs according to third-party salary benchmark surveys. Individual pay within that range can vary due to skills, experience, and available budget. The total compensation package for this role will include benefits (listed above).
*This position may be performed remotely in most states within the US, with some exclusions**While this role offers the flexibility to work remotely, we have office hubs in Los Angeles, Chicago, and New York, where you can join in on learning and development opportunities, fun events, take advantage of a space to work, and collaborate in person!***This position is not eligible for immigration sponsorship
Important Notice: Beware of Job ScamsWpromote recruiting communications will only be sent through our official channels via wpromote.com email addresses. If you see a posting elsewhere that is not reflected on Wpromote.com/careers, it may be a fraudulent posting. We do not require payment or fees during the hiring process nor do we request sensitive information, such as Social Security numbers or payment details. Please safeguard yourself against possible scams and contact us if you encounter any suspicious activity.
#LI-SD#LI-Remote
You Will Be
- Collaborate with security consulting vendors on SOC 2 compliance, penetration tests, and CIS CSC controls.
- Optimize SOC2 engagements through the automation of audit controls using SaaS platforms.
- Manage security evaluations from potential and current clients.
- Audit and update processes and policies to ensure compliance with security requirements.
- Propose and implement security best practices, processes, and policies for the company.
- Provide guidance and implement application security standards for internal development.
- Manage our vulnerability management solution and security awareness training platform.
- Implement solutions to prevent data loss, breaches, and service interruptions.
- Evaluate data privacy and security regulation updates to determine necessary organizational changes.
You Must Have
- 3-4 years of experience in cybersecurity and data privacy.
- Experience working with security vendors on SOC 2 audits and penetration test remediation.
- Experience auditing processes and policies for alignment with CIS CSC controls and SOC 2 compliance.
- Experience with GCP Command Center.
- Experience securing Google Workspace.
- Knowledge of OWASP and application security best practices.
- Experience remediating vulnerabilities through a vulnerability management system (e.g., Rapid7).
- Strong understanding of Mac operating system security.
- Bachelor's degree in computer science or a related discipline, or equivalent relevant experience.
- Excellent written and verbal communication skills.
- Ability to work independently and collaboratively.
- Security certifications, such as CISSP, are highly preferred.
Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Wpromote.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9. For more information on E Verify, or if you believe that your employer has violated its E-Verify responsibilities, please contact DHS.
Tags: Application security Audits Automation CISSP Compliance Computer Science GCP OWASP Privacy SaaS SOC SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Insurance Medical leave Parental leave Startup environment Team events Unlimited paid time off
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.