Senior Security Compliance Analyst

Job Function Description:

As the Senior Security Compliance Analyst, you will function as the externally-facing security compliance lead. You will:

• Work closely with customer-facing teams to manage pre-sales and annual customer audits, contract information security reviews. You will track, report and resolve customer compliance issues and requests
• Develop and maintain information security documentation including public and confidential security posture statements
• Train and oversee customer-facing teams security-related communications
• Contribute to Cyara’s overall security and privacy roadmap by providing requirements from customers, certification and regulatory frameworks
• Develop and oversee security and privacy awareness training program for all internal staff
• Contribute to ISO27001, SOC 2 and regulatory (GDPR, HIPAA) programs.

You will be responsible for:

• Develop, manage and report on a scalable customer vendor risk audit tracking system
• Ensure timely and accurate completion of internal and external security audits
• Assist in the security tasks of various teams such as engineering, IT, and HR to ensure compliance across the organization
• Develop and provide training to improve the security awareness and knowledge for all employees and contractors
• Work with teams across the organization to develop and communicate status on security compliance road map
• Track and report on security risk activities
• Track and review security compliance evidence in a continuous compliance model

Let’s talk about your skills/expertise:

• Bachelor's degree in computer science, computer engineering, or a similar field or equivalent experience
• 8+ years security compliance experience
• Certification by a security professional organization (CISSP, CISM, etc)
• Knowledge across all security domains
• Knowledge of Cloud Computing and Cybersecurity controls
• Knowledge of developing security compliance regulations and best practices for managing AI risk
• ISO27001, SOC 2, HIPAA, GDPR auditing or implementation experience.
• Knowledge of security standards and audit frameworks (e.g., ISO 27001/2, NIST CSF)
• Ability to work and communicate across various teams and at various levels of the business

Nice to Haves

• Knowledge and experience with security configuration and monitoring of AWS
• Experience in both startups and established organizations
• Experience with implementing AI security policies, specifically with respect to ISO/EU standards.