Security and Privacy Analyst

Who are we : We're Eptura - a global worktech company that provides software solutions for workplaces, people, and assets that enable everyone to reach their full potential. Our people are at the heart of everything we do, spanning 11 global offices with 1,000 employees. Together, we're dedicated to making workplaces and assets work harder for people everywhere, giving them the opportunity to thrive. Role Overview : The Eptura Office of Information Security is looking for a Security and Privacy Analyst to join our Governance, Risk, and Compliance team. This is an exciting opportunity to put your mark on a fast-growing GRC program by helping to refine, consolidate, and implement security and privacy controls for multiple SaaS applications at a global SaaS software company. The ideal candidate will be a great communicator with training or experience in risk assessment and audit covering major security frameworks, including ISO 27001, CSA-STAR, AICPA TSC (SOC 2), and FedRAMP. In addition, they will have knowledge of global privacy frameworks such as the General Data Protection Regulation (GDPR), the UK GDPR, CPRA, among others. They will be comfortable initiating cross-functional conversations with other departments internally to identify, report, and track compliance risks through resolution. They will be a major contributor to the development, assessment, and maintenance of policies, standards, and procedures in alignment with Eptura's global security and privacy programs. This is a critical role, and you will be a core member of a growing security team. The Security and Privacy Analyst will report directly to the Director of Security - Governance, Risk, and Compliance. Responsibilities: Contribute to risk assessments and internal audits to assess ongoing compliance with applicable security and privacy frameworks. Develop ongoing compliance activities to monitor compliance with internal controls. Assist in the maintenance of corporate policies, standards, procedures, and guidelines. Work with key stakeholders to identify and document risks, develop remediation plans, and track remediation efforts to resolution. Contribute to privacy compliance efforts, including documenting data flows, privacy impact and transfer impact assessments, and records of processing activities. Complete security and privacy assessments for existing customers and new prospects. Advise internal teams on best practices to help employees understand the "why" behind security and privacy controls. Assist in the continued development and administration of the security awareness program, including communication to relevant teams on security best practices. Required Experience and Training: Knowledge of common security frameworks (ISO 27001, AICPA TSCs/SOC 2) and global privacy regulations (GDPR, CPRA, etc.). A good understanding of risk assessment and common security vulnerabilities applicable to networks, platforms, and SaaS applications. Understanding of cloud environments (GCP, AWS, Azure) and the SaaS delivery model. Strong teamwork and collaboration skills with the ability to work across multiple business units (Engineering, HR, Legal, etc.) with multiple stakeholders. Excellent written and verbal communication skills, including experience reporting and presenting to various audiences including senior leadership. Previous consulting and/or audit experience is a plus. Industry recognized certifications in security is a plus (CRISC, GRCP, CISSP, CISA, CISM). A bachelor's degree is optional but preferred Benefits: Health, Dental, & Vision with flexible PTO Dependent, Spousal and Domestic Partner coverage available Up to $1000 Company HSA Contribution Medical, Dependent Care and Limited FSA Accounts Income Protection and Replacement - 100% Company Paid Short Term Disability Long Term Disability Life Insurance Employee Assistance Program Be a part of a company that is changing the workplace Be a part of a fast-paced global team Stimulating and fulfilling work. Close interaction with product stakeholders and our development teams. Great benefits such as work flexibility. Global online celebration, recognition, and communication platform Growth and Development Opportunities All equipment provided to succeed in your role. Eptura Information : Follow us on Twitter | LinkedIn | YouTube Eptura is an Equal Opportunity Employer. At Eptura we promote our flexible workspace environment, free from discrimination. We believe that diversity of experience, perspective, and background leads to a better environment for all our people and a better product for our customers. Everyone is welcome at Eptura, no matter where you are from, and the more diverse we are, the more unified we will be in ensuring respectful connections all around the world Other details Pay Type Salary Apply Now