IT Security Analyst – Remote, United States

The Role: Wpromote seeks a highly motivated IT Security Analyst to enhance our security posture. This role will collaborate with our security vendors to achieve SOC 2 compliance and advance our CIS CSC controls. Working alongside our IT Operations and Infrastructure team, you will develop scalable security and data protection processes. This position will play a key role in all security evaluations conducted by potential and existing clients. The ideal candidate possesses experience in SOC 2 audits, application security best practices, penetration test remediations, and security program assessments. A background in security auditing and documentation based on security standards is highly desirable. At Wpromote, we believe that great work is only possible with great people. Our goal is to build a better, more inclusive work environment and support our people at every stage of their careers by prioritizing a strong work-life balance through our policies and benefits listed below. As a Best Place to Work according to both Ad Age and Glassdoor and Adweek’s Fastest Growing Digital Agency, we are moving fast to expand our teams and bring new experts into the fold to keep pushing the boundaries of what’s possible in marketing. We offer: – Remote-first culture – Unlimited PTO – Extended Holiday break (Winter) – Flexible schedules – Work from anywhere options* – 100% paid parental leave – 401(k) matching – Medical, Dental, Vision, Life, Pet Insurance – Sponsored life insurance – Short Term Disability insurance and additional voluntary insurance -Annual Class Pass credits and more! The anticipated annual salary for this role will range from $85,000 – $110,000, based on consideration of a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, education and certifications, competitive benchmarks, scope of responsibility, market dynamics, geographic location, and respective state’s salary threshold for exempt employees. At Wpromote, pay ranges are subject to change and are based on specific market medians for similar jobs according to third-party salary benchmark surveys. Individual pay within that range can vary due to skills, experience, and available budget. The total compensation package for this role will include benefits (listed above).

• This position may be performed remotely in most states within the US, with some exclusions

While this role offers the flexibility to work remotely, we have office hubs in Los Angeles, Chicago, and New York, where you can join in on learning and development opportunities, fun events, take advantage of a space to work, and collaborate in person! This position is not eligible for immigration sponsorship Important Notice: Beware of Job Scams Wpromote recruiting communications will only be sent through our official channels via https://www.wpromote.com email addresses. If you see a posting elsewhere that is not reflected on Wpromote.com/careers, it may be a fraudulent posting. We do not require payment or fees during the hiring process nor do we request sensitive information, such as Social Security numbers or payment details. Please safeguard yourself against possible scams and contact us if you encounter any suspicious activity. You Will Be

• Collaborate with security consulting vendors on SOC 2 compliance, penetration tests, and CIS CSC controls.
• Optimize SOC2 engagements through the automation of audit controls using SaaS platforms.
• Manage security evaluations from potential and current clients.
• Audit and update processes and policies to ensure compliance with security requirements.
• Propose and implement security best practices, processes, and policies for the company.
• Provide guidance and implement application security standards for internal development.
• Manage our vulnerability management solution and security awareness training platform.
• Implement solutions to prevent data loss, breaches, and service interruptions.
• Evaluate data privacy and security regulation updates to determine necessary organizational changes.

You Must Have

• 3-4 years of experience in cybersecurity and data privacy.
• Experience working with security vendors on SOC 2 audits and penetration test remediation.
• Experience auditing processes and policies for alignment with CIS CSC controls and SOC 2 compliance.
• Experience with GCP Command Center.
• Experience securing Google Workspace.
• Knowledge of OWASP and application security best practices.
• Experience remediating vulnerabilities through a vulnerability management system (e.g., Rapid7).
• Strong understanding of Mac operating system security.
• Bachelor’s degree in computer science or a related discipline, or equivalent relevant experience.
• Excellent written and verbal communication skills.
• Ability to work independently and collaboratively.
• Security certifications, such as CISSP, are highly preferred.

Wpromote is committed to bringing together Apply tot his job Apply To this Job