Senior Security & Compliance Analyst

Job Title: Senior Security and Compliance Analyst

Location: US - Remote

THE OPPORTUNITY:

As a Senior Security and Compliance Analyst at SalesLoft, you will play a pivotal role in our company's success. Join our high-performing information security team and be the go-to expert for all customer-facing security and compliance matters.

Your primary focus will be to serve and build trust with Salesloft customers by addressing security, privacy, and compliance concerns as they arise. This includes but is not limited to:

• Customer requests for information (e.g. questionnaires)
• Customer inquiries about compliance attestations and certifications for Salesloft and its subprocessors
• Customer questions regarding product functionality and the impact of that functionality on the customer environment
• Maintenance of the public facing Salesloft trust portal
• Collaborating with the legal team to address contractual issues surrounding security and privacy
• Meetings with customer security, privacy, legal and IT teams to discuss detailed questions around the Salesloft platform and security program
• Creation of customer facing materials that streamline the security evaluation process and address customer concerns proactively
• Ensure Salesloft's security awareness training program communicates relevant content that results in meaningful learning across the employee base
• Maintain policies that hold employees accountable to security and privacy best practices, but that are also realistic with respect to Salesloft's systems and control environment
• Conduct third party risk management activities that evaluate the security posture and controls of third party providers, as well as the implementation of third party systems
• Conduct security, privacy and compliance reviews as part of the software development lifecycle for the Salesloft platform
• Work with business stakeholders to ensure security is adequately considered as part of the methodology
• Liaise with third party auditors and internal control owners to ensure successful completion of attestation and compliance engagements
• Refine processes for recurring security program activities (e.g., user access reviews, control audits, etc.)
• Work with various departmental control owners to identify, assess, and treat security and privacy risks

In addition to working with amazing colleagues who exemplify our 'team over self' core value, you will also have the opportunity to create a culture of customer trust in SalesLoft's control environment You will have an opportunity to make a difference.

WHAT WE'RE LOOKING FOR:

We are seeking a bias-towards-action, results-oriented, senior-level security professional who excels being customer facing and is ready to build a best-in-class GRC function.

If you're looking for an opportunity to learn more, do more, and become more than previously possible… if you're passionate about innovation, growth and serving customers and thrive in a fast-paced, developmental environment, then becoming a Security and Compliance Analyst is the career path for you!

THE TEAM:

SalesLoft's infosec team comprises seasoned and up-and-coming infosec professionals who are all aligned on one vision and mission:

• Vision: Every seller is loved by the buyers they serve (#saleslove)
• Mission: Equip companies to maximize revenue by creating a fantastic buying experience

The security team consists of security professionals who maintain controls that protect the business in keeping with industry best practices and relevant regulations and frameworks. They are also the epitome of our core values - Customers First. Team Over Self. Focus on Results. Bias Towards Action. Glass Half Full.

THE SKILL SET:

• 4-6 years of experience with auditing and/or maintaining information security controls
• Comfortable joining customer calls and speaking authoritatively without more senior team member
• Working knowledge of ISO 27001, SOC 2 Trust Services Principles, GDPR and other common security standards
• Experience with "defense-in-depth" principles and technology
• Strong attention to detail and quality
• Self-driven, autonomous and can contribute to the strategy and roadmap of the team
• Advanced documentation, prioritization and change management skills
• Ability to handle proprietary and sensitive information in a confidential manner
• CISA or similar certification

WITHIN ONE MONTH, YOU'LL:

• Learn the day-to-day operational cadence and become familiar with the infosec technology stack
• Understand the key performance indicators (KPIs) of the SalesLoft security team
• Learn and understand the mission, vision, and values of the SalesLoft security team
• Review and understand the SalesLoft risk assessment process as well as currently identified organizational security risks
• Set your OKRs (Objectives and Key Results) with your manager and develop an action plan to achieve them

WITHIN THREE MONTHS, YOU'LL:

• Act as a consultant, evaluating the effectiveness of the security program with a fresh set of eyes
• Manage alignment of security practices to conform with ISO27001/2, SOC2, and other Security compliance and Privacy standards
• Review, manage, and serve as primary point of contact for remediation efforts for control non-conformities identified via risk assessments, internal audits, external audits, periodic reviews, etc.
• Begin executing SalesLoft's continuous compliance audits

WITHIN SIX MONTHS, YOU'LL:

• Maintain mature, comprehensive security awareness and training programs.
• Serve as the primary point of contact for external compliance auditors
• Assess the security controls of existing and net new vendors, as well as impact of vendors to SalesLoft's IT control environment

WITHIN TWELVE MONTHS, YOU'LL:

• Develop key reporting metrics and executive presentations to ensure awareness and support of compliance programs.
• Assist the CISO/VP of Security and other security leadership members to develop strategic plans, recommendations, and long-term roadmaps for the future of the security program

IS THIS ROLE NOT AN EXACT FIT? Keep an eye on our Careers Page for other positions!

WHY SHOULD YOU WORK AT SALESLOFT:

• You will become part of an amazing culture with a supportive CEO and smart teammates who actually care
• You will work with an amazing team you can learn from and teach
• You will experience joining a high-growth/high-traction organization
• You will hear "Yes, let's do that!" and then have the opportunity to successfully execute on your ideas
• You will build community with Lofters of many cultures and backgrounds through ERGs and DEI initiatives
• We have a vibrant, open office that utilizes modern technology
• You will grow more here than you would anywhere else, that is a promise

SalesLoft is proud to be an Equal Opportunity Employer and provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, pregnancy, sexual orientation, or any other characteristic protected by law.

#LI-Remote