Security & Compliance Analyst
SOCi, the Comarketing platform for multi-location brands, is currently looking for a GRC Analyst to help SOCi manage its industry-leading enterprise information security and compliance program. The Governance, Risk, and Compliance (GRC) Analyst plays a critical role in helping us manage our regulatory obligations, control risks, and govern internal operations effectively. This professional is responsible for managing compliance activities (such as audits) identifying and evaluating compliance risks, interpreting regulations, ensuring that control mechanisms are in place, and assessing the effectiveness of various business and security processes. They work closely with different departments, such as legal, IT, engineering and operations, to ensure that policies and procedures align with both internal standards and external regulatory requirements. By conducting compliance audits, analyzing data, and producing and analyzing reports, the GRC Analyst helps the organization make informed decisions to mitigate risks, improve operational efficiency, and achieve strategic objectives while adhering to compliance requirements. The GRC analyst will participate deeply in all external audits (such as SOC 2 and ISO 27001) and will be the main person responsible for tracking and ensuring that security issues and nonconformities are worked to successful completion.
Who We Are
SOCi is one of the fastest-growing technology companies in the country, ranking in the top tier of Inc 5000’s Fastest Growing Companies in America list for the last several years consistently. The builder of an award-winning enterprise SaaS marketing platform, and one of Forbes’ Best Startup Employers, SOCi boasts hundreds of the world’s largest brands as its customers. At SOCi, nothing is more important to us than the clients we service every day. The SOCi platform specifically solves complicated marketing and workflow problems for national and global multi-location brands that want to scale and optimize their presence. View more on our Awards & Accolades here!
How You’ll Make an Impact
- Managing the SOC 2 and ISO 27001 audit and certification process, including project management, evidence coordination, audit activities, and planning
- Performing compliance auditing and verification that SOCi information security policies are being complied with
- Completing customer security questionnaires
- Managing, remediating, and following up on security and audit issues, and making sure the loop gets closed on issues and nonconformities
- Tracking emergent security and compliance laws and regulations
- Coordinating cross-functional activities, such as privacy/legal, marketing, and operations
- Writing and managing policies and procedures
- Collecting and analyzing risk and security metrics
- Ensuring that customer-specific security contractual requirements are complied with and tracked
- Acting as an internal consultant for lower-risk security activities such as access approvals and routine security requests
- Lightweight project management for security and GRC projects
- Participating in our Virtual Security Operations Center (vSOC) in analyzing security issues and events
What You’ll Need to be Successful
Remote Opportunity: Ability to work 100% remotely
- Very Strong attention to detail, organization and follow-up skills
- Bachelor's degree in computer science, information security, business or a related field, or equivalent experience.
- 2-3 years of experience in compliance, information security or IT.
- Knowledge of security best practices.
- Excellent communication and interpersonal skills - you will be frequently working with others.
- Ability to work independently and as part of a team.
- Basic understanding of cloud environments (including AWS, GCP and Azure)
- Familiarity with information security standards and certifications such as SOC 2 and ISO 27001.
What SOCi Provides to You
- Comprehensive Benefits Package (non-contract roles only)
- Health insurance plans, dental, and vision
- Wellness incentives
- 401(k) plan with employer match
- Flexible Work Environment
- Flexible paid time off (non-contract roles only)
- Quarterly wellness days
- Paid holidays
- Unique employee engagement programs
- Empowering Career Growth and Success
What’s Important at SOCi
Led by a team of industry experts, SOCi is leading the pack in Localized Marketing for Multi-Location brands. Our passionate team of SOCialites work from home around the globe!
Our collaborative, dynamic culture allows our teams to work cross-functionally and optimize productivity. We are a fast-paced, agile environment where thought leadership and input are encouraged. If you are looking for a place where you can come and make a difference in the way enterprise organizations utilize social technology, then SOCi is for you. Visit MeetSOCi.com for more information.
SOCi is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.