Compliance Analyst
Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense.
The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching.
Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista”), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures.
**no relocation or visa sponsorship available **
**remote/hybrid**
What You'll Be Doing
The Compliance Analyst will act as a key contact and support the GRC team to help ensure compliance and security standards are met for the company. In this role, you will help drive implementation of security controls, compliance awareness and report initiatives to key partners and Senior Management. Responsibilities will also include helping to build, maintain and improve effective policies, processes, training and communications. You will work with other groups, including Engineering, Operations, IT, Legal and HR to set shared goals and resources to meet deadlines, identify risks and remove roadblocks. The Compliance Analyst will also help support internal and external audits.
Responsibilities Include:
As the Compliance Analyst, you will be assisting the team conducting security policies review, security risk assessments, participating in multiple internal and external audits, supporting the business with IT Security and Compliance related tasks, performing third-party vendor assessments and executing on the day-to-day departmental operational activities.
▪ Support in Internal and/or External Audits and Security Assessments (e.g., ISO27001, ISMAP, SOC2 and other compliance frameworks)
▪ Conduct periodic IT compliance reviews to ensure appropriate design and operating effectiveness of primary controls. Identifying gaps in controls and propose remediation plans
▪ Assist in the day-to-day compliance and audit operational activities
▪ Work with control owners to ensure timely review and updates to documentation, controls, and the completion of remediation items.
▪ Attend periodical status meeting with Internal/External Audit teams
▪ Perform third party vendor risk assessments by reviewing the vendors security posture and architecture, drafting a security assessment report outlining risks identified
▪ Provide technical knowledge and analysis of information assurance, including application controls; operating systems; physical security e.g., access control and perimeter protection; identity and access management; risk assessment; privacy, critical infrastructure continuity and contingency planning; security awareness and training.
▪ Initiate, facilitate and promote activities to foster information security awareness within the organization.
▪ Support the ongoing and annual security awareness training program, reviewing the content, coordinating assignments and follow up with end users to ensure training is completed timely
▪ Relationship building and communication skills especially in areas where diplomacy is needed to help ensure that new policies and procedures gain the support they need to be adopted by the organization.
▪ Identify opportunities for improving third party risk posture as well as Menlo Security third party risk management processes.
Skills and Experience:
▪ Experience working in a startup is a strong plus.
▪ Experience with security and compliance as it relates to a SaaS offering.
▪ A degree in an IT-related field or equivalent experience.
▪ Strong written and verbal communication skills.
▪ Proactive, self-motivated, and strong ability to learn new things with little guidance.
▪ Highly organized and thorough with critical attention to detail and documentation.
MSGL-I4
Why Menlo?
Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy.
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.