Security Analyst
Remote (United States)
Full Time Entry-level / Junior USD 110K - 140K
BetterComp
About the Company
BetterComp, a rapidly growing SaaS company, is disrupting the HR/compensation space with its decades of compensation and market pricing experience. Our revolutionary approach to comp-tech is the solution comp teams have been yearning for, making us a unique and exciting company to be a part of. If you have been working as a compensation professional or consultant and are looking for a change in career that keeps you connected to the profession but focused on technology, we’d love to talk to you!
What you bring:
- Proven experience in security program management, policy lifecycle management, and compliance, preferably in a fast-paced, remote work environment.
- Strong understanding of security frameworks, regulations, and standards, including SOC 2, NIST and GDPR, and experience in preparing for and facilitating external audits.
- Familiarity with security monitoring and technical controls and the ability to work with IT, product, and engineering teams to implement these controls effectively.
- Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.
- Strong organizational skills, with a focus on follow-through and the ability to manage multiple priorities in a dynamic environment.
- Experience with security automation tools and techniques, and a proactive approach to identifying and implementing efficiencies in security operations.
- A collaborative mindset, with the ability to work effectively with cross-functional teams to achieve security and compliance goals while supporting business objectives.
- Experience interfacing with customer security teams, particularly in the context of vendor risk management, security questionnaires, and compliance inquiries.
What you’ll do:
- Policy Lifecycle Management:
  - Collaborate with policy owners to refine, update, and maintain security policies, ensuring they are specific, actionable, and aligned with the organization’s operational practices.
  - Ensure policies are reviewed and updated at appropriate intervals to reflect changes in the business environment, technology, and regulations.
  - Drive personnel awareness and acceptance of security policies, ensuring that all staff understand and comply with the organization’s security requirements.
- Partnering with Management:
  - Work closely with management to ensure that security policies are integrated into job roles and responsibilities across the organization.
  - Support the translation of policies into practical procedures and practices that can be effectively implemented by teams.
  - Ensure that personnel understand their part in ensuring a strong security culture, including socialization of security concepts, role specific training, and a trusted contact point to help resolve security concerns.
- Technical Control Definition and Implementation:
  - Collaborate with IT, product, and engineering teams to define appropriate technical controls that support security policies.
  - Assist in the implementation of these controls, ensuring they are aligned with both security and business objectives, and are demonstrably effective.
- Security Posture Reporting:
  - Develop and maintain security metrics that provide visibility into the organization’s security posture and help manage compliance and risk.
  - Regularly report on these metrics to key stakeholders, including leadership, to inform decision-making.
- Audit Facilitation:
  - Prepare and organize the necessary documentation and evidence to facilitate external audits, particularly for SOC 2 Type 2 certification.
  - Work closely with auditors to ensure a smooth and successful audit process, addressing any findings or recommendations.
- Automation and Efficiency:
  - Identify opportunities to automate security processes and controls, reducing the time and effort required to maintain a robust security posture.
  - Implement automation tools and strategies that streamline security operations and enhance overall efficiency.
- Customer Security Interaction:
  - Serve as the point of contact for customer security teams, addressing concerns related to vendor risk management.
  - Respond to security questionnaires, clarify questions related to the organization’s security policies and controls, and provide detailed explanations as needed.
  - Build and maintain strong relationships with customer security teams, ensuring their confidence in our organization’s security practices.
Why you’ll love it:
BetterComp is revolutionizing how comp teams market price jobs. With a client base that includes numerous Fortune 1000 companies, we are ready to challenge the traditional methods of compensation. Our innovative approach is yielding results, with a strong product market fit and rapid growth over the past 4 years.
Our team is the cornerstone of our success. We are committed to hiring the best people and empowering them with the space and autonomy to excel. At BetterComp, you’ll collaborate with some of the most innovative, thoughtful, and talented individuals, tackling the most challenging compensation issues.
What we offer:
- Competitive compensation package that includes:
- Base salary range for this position: $110,000 - $140,000 (annually based on location)
- Equity
- Unlimited, flexible PTO
- Health, dental, and vision insurance
- Simple IRA with company match
- Fully remote, work from home
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States.
Tags: Audits Automation Compliance GDPR Monitoring NIST Risk management SaaS SOC SOC 2
Perks/benefits: Competitive pay Equity / stock options Flex hours Flex vacation Health care Startup environment Unlimited paid time off