Security Compliance Analyst - Risk

The Opportunity

Flexport is seeking a skilled and highly motivated Security Compliance Risk Analyst to join our Security team. As a Security Compliance Risk Analyst, you will be responsible for ensuring that our organization maintains a strong security posture and complies with industry regulations and standards. Your expertise in risk assessment, compliance frameworks, and security controls will be vital in identifying and mitigating potential risks. You will collaborate closely with cross-functional teams, including Engineering, IT, Legal, and Operations, to implement effective security policies and procedures.

You Will

• Conduct comprehensive risk assessments to identify potential security vulnerabilities and compliance gaps.
• Collaborate with internal teams to establish and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements.
• Develop and implement risk mitigation strategies, controls, and corrective action plans to address identified risks and ensure compliance with applicable security frameworks (e.g., NIST, ISO, PCI DSS).
• Monitor and assess the effectiveness of security controls and measures in place, regularly reviewing security logs, reports, and audit findings.
• Stay updated of evolving regulatory and compliance requirements, proactively identifying areas where the organization's security posture may be impacted.
• Conduct regular audits and assessments to ensure adherence to established security policies and procedures.
• Collaborate with teams to review system configurations, identify vulnerabilities, and recommend remediation actions.
• Prepare comprehensive reports and presentations on security compliance risks, findings, and recommendations for management and stakeholders.
• Assist in developing and delivering security awareness training programs to educate employees on security policies, procedures, and best practices.

You Should Have

• Bachelor's degree in computer science, information systems, or a related field. Relevant certifications (e.g., CISSP, CISA, CRISC) are highly desirable.
• Proven experience in security compliance and risk assessment within a corporate environment.
• Strong knowledge of industry security standards and frameworks, such as NIST, ISO, and PCI DSS.
• Familiarity with security control frameworks and regulatory requirements, including data protection and privacy laws (e.g., GDPR, CCPA).
• Experience in conducting risk assessments.
• Excellent understanding of security technologies, firewalls, intrusion detection systems, and vulnerability management tools.
• Strong analytical and problem-solving skills, with the ability to assess complex security risks and propose effective mitigation strategies.
• Excellent written and verbal communication skills, with the ability to present complex information to both technical and non-technical stakeholders.
• Strong attention to detail and the ability to work independently as well as collaboratively in a team-oriented environment.
• Continuous learning mindset to keep up with evolving security threats and technologies.

About Flexport:

We believe trade can move the human race forward. That’s why it’s our mission to make global trade easy for everyone. Flexport is building the platform for global logistics, empowering buyers, sellers and their logistics partners with the technology and services to grow and innovate. Today, companies of all sizes—from emerging brands to Fortune 500s—use Flexport technology to move more than $10B of merchandise across 112 countries every year. 

The recent global supply chain crisis has put Flexport center stage as we continue to play a pivotal role in how goods move around the world. At a valuation of $8 billion, we’re experiencing record growth and are proud to have the support of the best investors in the game who believe in our mission, solutions and people. Ready to tackle global challenges that impact business, society, and the environment? Come join us.

Worried about not having any freight forwarding experience?

Don’t be! Our mission is to make global trade easy for everyone. That’s why it’s important to bring people from diverse backgrounds and experiences together with our industry veterans to help move the global logistics industry forward.

We know this industry is complex. That’s why we invest in education starting day one with Flexport Academy, a one week intensive onboarding program designed specifically to set every new Flexport employee up for success. 

At Flexport, our ability to fulfill our mission of making global trade easy for everyone relies on having a diverse, dedicated and engaged workforce. That is why Flexport is committed to creating and nurturing an environment where anyone can be their authentic self. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, national origin, age, physical and mental disability, health status, marital and family status, sexual orientation, gender identity and expression, military and veteran status, and any other characteristic protected by applicable law.

To learn more about what our tech teams have been up to, head to the Engineering Blog.

The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Our salary ranges are determined by role, level, and location. Within the range displayed, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education and / or training. The US base salary range for this full-time position: (exclusive of bonus, equity and benefits.)$108,135—$120,150 USD