Security and Privacy Analyst

Proxyclick - Washington, DC

posted 12 days ago

Full-time - Entry Level
Washington, DC
501-1,000 employees

About the position

The Security and Privacy Analyst at Eptura will play a crucial role in the Governance, Risk, and Compliance (GRC) team, focusing on refining and implementing security and privacy controls for various SaaS applications. This position is designed for a candidate with strong communication skills and experience in risk assessment and audit, particularly with major security frameworks and global privacy regulations. The analyst will contribute to the development and maintenance of policies and procedures, ensuring compliance and enhancing the overall security posture of the organization.

Responsibilities

  • Contribute to risk assessments and internal audits to assess ongoing compliance with applicable security and privacy frameworks.
  • Develop ongoing compliance activities to monitor compliance with internal controls.
  • Assist in the maintenance of corporate policies, standards, procedures, and guidelines.
  • Work with key stakeholders to identify and document risks, develop remediation plans, and track remediation efforts to resolution.
  • Contribute to privacy compliance efforts, including documenting data flows, privacy impact and transfer impact assessments, and records of processing activities.
  • Complete security and privacy assessments for existing customers and new prospects.
  • Advise internal teams on best practices to help employees understand the 'why' behind security and privacy controls.
  • Assist in the continued development and administration of the security awareness program, including communication to relevant teams on security best practices.

Requirements

  • Knowledge of common security frameworks (ISO 27001, AICPA TSCs/SOC 2) and global privacy regulations (GDPR, CPRA, etc.).
  • A good understanding of risk assessment and common security vulnerabilities applicable to networks, platforms, and SaaS applications.
  • Understanding of cloud environments (GCP, AWS, Azure) and the SaaS delivery model.
  • Strong teamwork and collaboration skills with the ability to work across multiple business units (Engineering, HR, Legal, etc.) with multiple stakeholders.
  • Excellent written and verbal communication skills, including experience reporting and presenting to various audiences including senior leadership.
  • Previous consulting and/or audit experience is a plus.
  • Industry recognized certifications in security is a plus (CRISC, GRCP, CISSP, CISA, CISM).
  • A bachelor's degree is optional but preferred.

Nice-to-haves

  • Previous consulting and/or audit experience is a plus.
  • Industry recognized certifications in security is a plus (CRISC, GRCP, CISSP, CISA, CISM).
  • A bachelor's degree is optional but preferred.

Benefits

  • Health, Dental, & Vision with flexible PTO
  • Dependent, Spousal and Domestic Partner coverage available
  • Up to $1000 Company HSA Contribution
  • Medical, Dependent Care and Limited FSA Accounts
  • Income Protection and Replacement - 100% Company Paid
  • Short Term Disability
  • Long Term Disability
  • Life Insurance
  • Employee Assistance Program
  • Growth and Development Opportunities
  • All equipment provided to succeed in your role.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service