Information Security and Compliance Analyst

Information Security and Compliance Analyst

At Veracity, we aim to be a different kind of insurance partner – one that is free from outside investors, venture capital, or the pressures of a corporate parent. Ours is a culture of empowerment that believes in effort, results, and accountability. We believe that transparency fosters trust, trust fosters growth, and that growth drives innovation. Our commitment to rigorous evaluation and relentless execution leads to rapid evolution.

We answer only to the small business owners we serve, and this independence allows us to stay focused on what matters most: helping their businesses thrive by providing expert guidance and best‑in‑class insurance policies.

We’re growing fast and want you to be a part of it!

We’re seeking a talented, detail‑oriented Information Security and Compliance Analyst to join our team. Reporting to the Technical Operations and Information Security Manager, this role is responsible for supporting the organization’s cybersecurity posture by maintaining and enhancing security policies, controls, and monitoring systems, and ensuring compliance with frameworks such as SOC 2 and PCI DSS to protect company and client data.

• Strengthen the organization’s cybersecurity posture by implementing, maintaining, and improving security policies, standards, and technical controls.
• Monitor security tools and system activity to identify, investigate, and elevate potential threats or vulnerabilities.
• Support vulnerability management, including performing scans, tracking remediation, and validating fixes.
• Maintain accurate, audit‑ready documentation and coordinate evidence collection for SOC 2, PCI DSS, and other compliance frameworks.
• Support incident response processes, including triage, documentation, and post‑incident follow‑up.
• Assist with user access reviews, control testing, risk assessments, and security awareness efforts.
• Collaborate with IT, Engineering, and Compliance teams on secure configurations, remediation plans, and cross‑functional security initiatives.
• Participate in routine policy, procedure, and control reviews to ensure alignment with regulatory requirements and security best practices.
• Maintain detailed logs and reports of security activities, metrics, and compliance obligations.
• Identify opportunities to strengthen controls, streamline processes, and enhance overall security program maturity.
• Perform additional duties as requested, directed, or assigned.

• Bachelor’s degree in Information Systems, IT, Cybersecurity, or a related field.
• 2–3 years of experience in security compliance, auditing, or governance (SOC 2 experience preferred).
• Strong integrity, attention to detail, and accountability when handling sensitive or regulated information.
• Proactive problem‑solving skills with the ability to anticipate and address risks effectively.
• Strong collaboration and communication skills with experience working across technical and compliance teams.
• Ability to remain composed and effective under pressure, including during audits and security incidents.

• Health, dental, and vision plans.
• Work‑life balance with 4 weeks of Paid Time Off.
• 10 Paid Company Holidays with 2 floating holidays.
• 401(k) program with employer match.
• Personal assistance programs for a healthy personal and work life.

• Engage in groundbreaking projects that are reshaping the insurance landscape.
• Collaborate with dedicated, like‑minded professionals.
• Experience a culture that prioritizes growth and development.

$75k/yr - $85k/yr

We are proud to be an equal‑opportunity employer. We are committed to providing equal opportunities to all qualified applicants, regardless of race, color, religion, sex, national origin, disability, or any other legally protected characteristics.

If you need accommodation, please let us know during the interview process.