Senior Security Risk and Compliance Analyst

At Jamf, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We take pride in helping tens of thousands of customers around the globe succeed with Apple.

The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as #OneJamf.

What you’ll do at Jamf:

At Jamf, we empower people to be their best selves and do their best work. The Senior Analyst – Security Governance, Risk & Compliance is responsible for ensuring that Jamf ‘s security controls, policies, and procedures are designed and implemented in accordance with applicable laws, regulations, and industry standards. Reporting to the Director of Security Risk & Compliance, the Senior Analyst will take a lead role in the activities and improvements across the entire scope of Jamf’s Security Governance, Risk & Compliance program. 

This role is offered as hybrid. We are only able to accept applications for those based in Katowice and nearby and have sponsorship to live and work in Poland.

#LI-Hybrid 

What you can expect to do in this role:

• Maintain the security risk assessment methodology and practices in accordance with industry standards (e.g. COSO) and best practices. 
• Lead risk assessment activities providing guidance to team members in their evaluation of cyber risk and treatment plans, and follow up to ensure appropriate action is taken to mitigate risk.
• Maintain security policies to ensure compliance with relevant laws, regulations, and industry standards. Develop policies for any identified gaps in coverage.
• Collaborate with teams across Jamf to ensure security policies are consistently implemented and provide guidance on policy compliance matters.
• Develop a security controls baseline and oversee processes to monitor compliance with the related policies and procedures. 
• Lead annual external audits to ensure Jamf’s ongoing maintenance of its security certifications (i.e., ISO 27001, ISO 27701, SOC2 Type 2, StateRAMP). Collaborate with internal teams to address security findings and implement corrective actions. Take a lead role in new certification initiatives.
• Support the vendor risk management function for evaluating Jamf’s vendors and partners to identify potential risks; identify potential improvements and manage their implementation.
• Review security terms in vendor and partner contracts; develop and implement a standard security terms annex for inclusion in all vendor and partner contracts.
• Support the customer assurance process for responding to questions and questionnaires from customers, potential customers, and partners regarding security and compliance; identify potential improvements and manage their implementation. 
• Review security terms in customer contracts and collaborate with security teams to ensure control requirements are implemented.
• Support the security awareness training program.
• Review and analyze existing workflows and practices for effectiveness and efficiency.

What we are looking for:

• Bachelor’s Degree in Computer Science or related field.
• Fluency in English. 
• 5+ years of relevant experience (e.g. security operations, governance, risk management, compliance)(Required).
• 5+ years of demonstrated experience with ISO 27001, ISO 27701, SOC2 audits; StateRAMP and FedRAMP audit experience is a plus. 
• Proficiency in risk management methodologies, cybersecurity frameworks, and regulatory compliance.
• Working knowledge of operating systems, networking, cloud technology, security tools.
• Experience in use of GRC applications.
• Proven history of contributing to or leading security governance initiatives.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent written /verbal communication and interpersonal skills; ability to translate complex cyber security risks and strategies to non-technical team members, including executive leadership.
• Ability to lead multiple projects simultaneously. 
• A practical mindset that can balance compliance and business needs.
• Preferred Certifications/Licensures: 
  • CGRC, CISA, CISSP, CISM, CompTIA Security+
  • Amazon Web Services (AWS) experience. 
  • Knowledge or security training from ISACA. 

Why Jamf?

• We’re so proud to announce we've been named in @G2's 2025 Best Software Awards for:
  🏆 Best Software for Enterprise Business
  🏆 Best Software for Mid-Market Business
  🏆 Best Software Companies
  🏆 Best IT Management Software Products
• Jamf is a 2024 TrustRadius Tech Cares Award Winner!

What it means to be a Jamf?
We are a team of free-thinkers, can-doers, and problem-crushers. We value humility and the relentless pursuit of knowledge. Our culture flows from a spirit of selflessness and relentless self-improvement - driving both personal growth and collective progress throughout our company. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace.  

Our aim is simple: hire exceptionally good people who are incredibly good at what they do and let them do it. We provide the support and resources to let everyone be their authentic, best selves at work, at rest, and at play. We are committed to supporting the continual improvement of Apple in the workplace, the organizations that rely on them and the people who keep it all running smoothly.  

Above it all, waves our banner of #OneJamf – and the knowledge that when we stand together, we accomplish so much more than we could alone. We seek individuals who share this unwavering journey toward growth to join us in our quest for constant improvement. 

What does Jamf do?
Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, customers are able to confidently automate Mac, iPad, iPhone and Apple TV deployment, management, and security – anytime, anywhere – to protect the data and applications used by employees in the workplace, students learning in the classroom, and streamline communications in healthcare between patients and providers. More than 2,500 Jamf strong worldwide, we are free-thinkers, can-doers, and problems crushers who are encouraged to bring their whole selves to work each and every day.

Get social with us and follow the conversation at #OneJamf

Jamf is committed to creating an inclusive & supportive work environment for all candidates and employees. Candidates with disabilities or religious beliefs are encouraged to reach out if they need additional support or alternative options to our recruiting processes to accommodate their disability or religious belief. If you need an accommodation, please contact your Recruiter or Recruiting Coordinator directly. Requests for accommodation will be handled confidentially by Recruiting and will not be shared with the hiring manager. Jamf is an equal opportunity employer and does not discriminate against individuals who request reasonable accommodation for disability or religious beliefs. To request accommodations please email us at recruiting@jamf.com