How you will make a difference:
Sr. Security Compliance Analysts are motivated team players who will ultimately execute on work to ensure a positive security and compliance posture for Iterable. This role will have the opportunity to work directly across all Governance, Risk and Compliance programs by assisting with everything from external audits (such as SOC 2, ISO and privacy certifications) to risk assessments and managing RFPs and contract reviews. They will partner with various stakeholders across the organization to achieve the common goal of ensuring Iterable is able to meet our customers' requirements for a secure organization. You’ll report directly to our Manager of Compliance.
We're looking to expand our small but growing organization with teammates who are intellectually curious and willing to embrace challenges, all while keeping our company values of Humility, Trust, Growth Mindset, and Balance top of mind.
One of our core values is a growth mindset and Iterable is a company where everyone can grow. If this is a role that excites you, please apply as we value applicants for the skills they bring beyond a job description.
You’ll get to:
- Work with our sales teams by managing RFPs, RFIs, contract reviews and customer inquiries around security and compliance.
- Manage or produce security and privacy collateral to assist our Sales and Customer Support teams in their discussions with customers and prospects on security, privacy and compliance related matters.
- Review security terms and conditions on both customer and vendor contracts to ensure our commitments and security practices align
- Manage incoming compliance questions via our compliance alias for all security and privacy related inquiries
- Assist with compliance activities such as compliance risk assessments, internal and external compliance audits and evidence gathering (example audits: SOC 2 Type 2, ISO27001, CBPR and PRP)
- Complete third party risk assessments of new and existing vendors
- Assist with risk governance by working cross functionally to describe, evaluate and govern security or privacy compliance risk through to remediation
We are looking for people who have:
- Prior experience partnering with Engineering, Legal, Customer Success and Sales organizations
- Customer service mindset
- Working knowledge of industry standard compliance frameworks (ISO, NIST, PCI, SOC2, etc)
- Working knowledge of risk assessment fundamentals (impact analysis, residual risk analysis, mitigation strategies, etc)
- Experience reviewing contracts and dealing with RFPs
- Prior exposure to, and technical aptitude for understanding, application and infrastructure vulnerabilities, especially in cloud environments
- Experience assessing and speaking to compliance and security risks with customers
Perks & Benefits:
- Paid parental leave
- Competitive salaries, meaningful equity, & 401(k) plan
- Medical, dental, vision, & life insurance
- Balance Days (additional paid holidays)
- Fertility & Adoption Assistance
- Paid Sabbatical
- Flexible PTO
- Monthly Employee Wellness allowance
- Monthly Professional Development allowance
- Pre-tax commuter benefits
- Complete laptop workstation
The US base salary range for this position at the start of employment is 107,000 - 175,000. Within this range, individual pay is determined by specific US work location, as well as additional factors, including job-related skills, experience, relevant education or training, and internal equity considerations.
Please note that the range listed above reflects only base salary. The total compensation package includes variable pay (where applicable), equity, plus a range of benefits, including medical, dental, vision, and financial. In addition, we offer perks such as generous stipends for health & fitness and learning & development, among others.