Security and Compliance Analyst FL

Security and Compliance Analyst

Primary Responsibilities:

Compliance Analyst:

• Draft and refine compliance documentation
• Develop and maintain comprehensive compliance policies and procedures
• Conduct gap analysis and risk assessments
• Oversee SOC 2 Type 2 annual audits
• Prepare for audits and gather necessary evidence
• Liaise with external auditors
• Schedule and manage penetration testing and security scans (e.g., Snyk tests)
• Keep compliance work item calendar updated and ensure timely completion of tasks
• Work with technical teams to ensure proper implementation of controls
• Drive continuous improvement of the compliance program
• Ensure alignment of compliance efforts with business objectives and technical realities
• Manage technical compliance details (e.g., web certificate renewals.

Certification Lead Implementer:

• Drive the implementation of ISO 27001, 27017, and 27018 standards from inception to internal audit readiness
• Conduct comprehensive gap analysis against ISO requirements
• Develop and maintain the Statement of Applicability (SoA)
• Document processes and controls aligned with ISO standards
• Identify and address gaps in current practices
• Coordinate with various departments to implement necessary improvements
• Prepare for and support internal audits
• Keep the CISO informed of progress
• Experience using AI to increase productivity

Salesforce and Amazon Web Services Security Analyst:

• Assist with process improvement initiatives
• Assist with Sales RFPs, answering questions, etc.
• Contribute to quality assurance processes
• Aid in documentation and knowledge base management
• Participate in cross-functional teams to support company growth and efficienc

(Preferred) Solutions Engineer:

• Handle most of the security questions as a security expert in pre-sales discussions with prospective customers
• Able to explain and defend Flosums security posture for prospective customers and customers

Qualifications:

• Bachelor's degree in Information Security, IT, or related field
• 5+ years of experience in IT compliance, preferably in SaaS environments
• 3+ years experience in Salesforce
• 4+ years experience in AWS security
• Must have deep technical experience
• Experience using AI to improve productivity
• In-depth knowledge of SOC 2 and ISO 27001, 27017, and 27018 standards
• Strong understanding of cloud technologies and security principles
• Excellent analytical and critical thinking skills
• Outstanding written and verbal communication skills
• Experience drafting compliance policies and technical documentation
• Experience working with internal and external auditors
• Ability to translate complex technical concepts into clear policies
• Familiarity with Salesforce platform security (preferred)
• Familiarity with Amazon Web Services security (preferred)