Information Security - Compliance Analyst (EveryAction)
Overview
It was recently announced that EveryAction is combining with CyberGrants and Social Solutions to create the second-largest and fastest-growing social good software company in the world.
How we're growing bigger, better, stronger:
Our number one goal remains the same as ever: keeping our shared culture of being mission-minded and passionately committed to propel social good. Bringing three like-minded companies together was deliberate - we all provide individual solutions that help social impact; but combined we're creating a mammoth opportunity to accelerate change.
We are actively recruiting across roles in the US and beyond. This role is in Austin/Boston/DC and ideally based hybrid/remote approximately early 2022 when CDC guidelines are favorable.
Currently we are a remote workforce and have equipped our teams with the technology to stay connected to each other and as close to our customers as possible.
Responsibilities & Requirements
What you will do - responsibilities and requirements:
Further details on the job description follow:
- Develop strategies for recognizing security compliance needs, and embedding them into our company processes and procedures.
- Partner with business stakeholders to educate our staff and evangelize security principles at all levels of the organization.
- Interface with our clients to identify the security controls needed to protect their valuable data, and create strategies for implementing or maintaining these controls in our environments.
- Identify and document security risks in our environments, and advise Product, Engineering, and Infrastructure team on task/project prioritization.
- Evaluate new and existing third party vendors for risk, and lead conversations with the business to continually improve our vendor integration strategy.
- 3-5 years of experience implementing controls for common information security frameworks (NIST, ISO 27001, CIS, etc.)
- 3-5 years of experience working with auditors to achieve compliance standards (SOC2, FedRAMP, HIPAA, 21 CFR, etc.)
- Strong cross-functional engagement & communication skills
- Strong conceptual understanding of Agile software development, as well as modern CI/CD and SDLC methods.
- Analytical experience, able to distill complex framework requirements into actionable steps for Engineering, Product, and Infrastructure teams
- Knowledge of risk assessment tools, technologies and methods.
- Ability to communicate network security concerns to peers and management.
About Social Solutions Global
Benefits summary: Some of the basics: Flexible PTO, 100% employer paid benefits for employees, 8 hours of volunteer time per quarter, career advancement opportunities across multiple offices and functions and of course - when we can - company sponsored events and happy hours.
To ensure candidate and employee health, Social Solutions is conducting the interview process remotely via Zoom for the foreseeable future.
In order to fulfill Social Solution's mission to "help people transform lives," we seek to build teams that leverage diverse perspectives to create an innovative and welcoming environment.
To that end, we make employment decisions based on qualifications, merit and business need. Social Solutions does not discriminate on the bases of age, race, color, religion, sex, sexual identity, gender identity, national origin, protected veteran status, or disability.