Senior Information Security Analyst

We offer a flexible working policy that supports a healthy balance between personal and professional well-being. This role requires in-office presence on Tuesdays & Thursdays to collaborate, connect, and learn from peers - while also maintaining the flexibility for meaningful work-life balance.

You are a dynamic Information Security analyst excited and ready to take your Information Security career to the next level. You are comfortable working with a broad range of stakeholders; IT, engineering, security operations, marketing, pre sales and customer security compliance teams.

As a member of our Information Security team, you will have no shortage of interesting and varied security projects to work on and learn from. You will collaborate with the team on our security governance, risk, compliance and trust objectives, author our security documentation, collect and develop periodic compliance and security metrics. In addition, you will translate external security standards into actionable requirements for operations and engineering teams and identify security risks.

“Our team is dedicated to not only protecting our cloud platform but also fostering a culture that values people and their growth. We work with incredible customers across a wide variety of industries, providing unique and exciting security challenges every day. If you're looking for a role that offers the chance to work with industry experts then this is the place for you!

Come and be a part of a team where your contributions are valued, and your development is a priority.”

• Supporting the review, design and implementation of information security and compliance standards (ISO 27K, ISO 22301, SOC2 Type 2, CSA STAR, FedRAMP) and tracking their implementation across the business.
• Authoring and updating FedRAMP documentation, including:
• System Security Plan (SSP)
• Control implementation narratives
• Policies and procedures
• POA&Ms and Continuous Monitoring deliverables
• Coordinating monthly, quarterly, and annual continuous monitoring activities, including vulnerability management tracking, evidence collection, and reporting.
• Partnering with cross‑functional teams to validate technical and non‑technical control implementations.
• Supporting 3
  
  PAO assessments, audit activities, and government stakeholder reviews by preparing evidence, responding to requests, and addressing findings.
• Tracking control gaps and remediation activities.
• Monitoring FedRAMP PMO guidance, NIST updates and regulatory changes for impact to the environment.
• Defining and reporting against security KPIs, including creating dashboards and reports.
• Working closely with the security leadership team to support security initiatives as required.

• Bachelor’s degree in Cybersecurity, Engineering, Computer Science, IT or equivalent experience.
• Demonstrable experience in information security compliance, GRC, or cloud security roles with direct FedRAMP involvement.
• Hands‑on experience with:
• FedRAMP Moderate and/or High baselines
• NIST SP 800‑53 (Rev. 4 and/or Rev.
  5)
• SSP development and ownership
• POA&M management and continuous monitoring
• Experience working with 3
  
  PAOs, auditors, and government customers.
• Strong analytical and organizational skills and a great attention to detail.
• Ability to work independently, as well and as part of a wider team, with minimal supervision.
• A positive attitude with an eagerness to learn and develop professional knowledge.

• Security certification such as CISA, CISM, CISSP, CRISC, GIAC or similar.
• Experience working with SaaS providers is highly desirable.

• Join a rapidly evolving, industry‑leading SaaS company on an exciting journey of growth and scalability!
• Take on meaningful, high‑impact challenges by leveraging cutting‑edge technologies and best‑in‑class protocols to drive innovation.
• Own my career path with our internal development framework. Ask us more about this!
• Expand my skill set and earn certifications with unlimited access to…