Senior Security & Compliance Analyst

Job description

At Imply, our mission is to empower people and organizations to achieve more with their data. We believe that better insights lead to better decisions, and that the right technology can remove barriers, spark innovation and create lasting impact. In addition to our successful database business, we’re building the industry’s first observability warehouse, Imply Lumi. Built by the creators of Apache Druid, Lumi lets organizations store more data, support more use cases and spend less for observability. Imply Lumi is a high-performance, cost-efficient data layer built to decouple existing observability tools with zero disruption.

In this role, you will help redefine what is possible with observability and security data. As part of the Information Security team, you will play an important role in bringing Imply Lumi to life. Lumi delivers lightning fast queries, significant cost savings and seamless integration with leading observability technologies while giving customers the freedom to innovate without vendor lock-in. You will partner directly with our teams who are innovating and building this first-in-class technology that allows our customers to unlock new levels of speed, scale and value from their data.

Backed by leading investors including a16z and Bessemer Venture Partners, Imply is on a fast growth trajectory, transforming how organizations manage and gain insights from their observability and security data. Our customers, including  Pepsi, Reddit, Roblox, Salesforce, and others, rely on our technology to power faster decisions, reduce costs, and unlock new possibilities. Come join a team of innovators and problem-solvers who are reshaping the future of data!

The Role:

As a Sr. Security & Compliance Analyst, you will work across functional teams including Imply Engineering, IT, HR, Legal, People Operations to ensure enterprise and product security control requirements are implemented and monitored to satisfy, SOC2, HIPAA/HITRUST, ISO 27001, PCI, GDPR etc. as well as additional compliance frameworks as necessary.

Responsibilities:

• Review and determine applicability of requirements of regulatory compliance frameworks
• Engage directly with regulators and auditors to manage compliance audits, conference calls, and / or in-person meetings
• Own compliance programs and other compliance offerings in collaboration with global team members
• Coordinate with global and cross-functional teams to provide assessors and customers with meaningful updates on features and programs
• Validate on-going compliance of policies and procedures in support of regulatory requirements and work with our internal teams to improve policy and procedure documentation
• Follow up with internal stakeholders to ensure completion of compliance-related tasks and controls
• Understanding and ability to define specifications, write high-level documents, and interpret regulatory and compliance requirements into concrete product requirements.
• Ability to evaluate security requirements for third-parties within the context of implementation within the enterprise/product.

Requirements:

• Our ideal Sr. Security & Compliance Analyst must have:
• Led compliance and / security audits in the past and understands how to support an audit end to end
• Technical competence and cloud computing experience to sufficiently understand and explain complicated security concepts
• Technical understanding of AWS, Azure, and GCP cloud platforms, including how components and services are used and secured
• Familiarity and experience with the following standards:, ISO 27001, SOC2, HIPAA/HITRUST, PCI, GDPR etc.
• Project or program management experience and exceptional organizational skills and is extremely detailed oriented
• Extremely high ethical standards as proven by successful background checks and references
• Achievements that demonstrate exceptional written and verbal communication skills and experience working with executive level contacts
• Previous experience working with a variety of personalities from a variety of cultures and backgrounds
• CISA, CISSP or similar certification.

Bonus Points:

• CISSP, CISM, CISA, CEH, OSCP, or similar certifications
• Strong understanding of the legal world, contracts, and how it all works.
• Strong understanding of the current Privacy landscape and regulations in-place
• Experience and knowledge in developing systems and configuring security postures.
• Experience in two or more of the following technical areas: Virtualization, Cloud Computing, Database Management, Software Development, Integration, Static and Dynamic Code Analysis, DevOps/DevSecOps with emphasis on security testing in CI.
• You’ve used and are familiar with leading cloud-based tools

What we offer:

• 100% Paid Medical, Dental and Vision Benefits
• 401(k) Program
• Fertility Coverage
• Pet Insurance
• Dependent Care FSA
• Mental Health Support
• Life and AD&D Insurance
• Unlimited Paid Time Off
• Wellness Stipend
• Home Office Equipment Reimbursement
• Pre-Tax Commuter Benefits

Individual compensation will be determined based on the candidate’s experience and qualifications aligned with Imply’s internal levelings guidelines and benchmarks. The below range encompasses roles with on target earnings. This role is also eligible to participate in Imply’s equity plan subject to the terms of the applicable plans and policies.

Compensation: $133,000 - $170,000

Don’t meet every single requirement? Studies have shown that certain minority groups are less likely to apply to jobs unless they meet every qualification. At Imply, we are dedicated to building a diverse, inclusive and authentic workplace. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or for other roles in the future.

Imply is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, gender identity or expression, marital status, national origin, disability, protected veteran status, race, religion, pregnancy, sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.

Please note, applications and candidate submissions are subject to our privacy policy and, for California residents, the CCPA terms available at https://imply.io/privacy.

—

Attention: Imply Applicants

Due to reports of phishing, we’re requesting that all Imply applicants apply through our official Careers page at imply.io/careers. All official communication from Imply will come from email addresses ending with @imply.io.

#LI-Remote