IT Security Analyst

About the Role:

Zero Hash is looking for an experienced and passionate IT Security Analyst to join our Security team. In this role, your passion for IT Security will be used to continue to improve the process and operational capabilities of security for our IT and product infrastructure as well as collaborate across the organization to continue to drive a mentality of, “Security being a team effort.”

Responsibilities:

As part of our team, your core responsibilities will be:

• Document and maintain the Zero Hash common security controls using SOC2, ISO 27001, NIST 800-53, and other compliance control frameworks.
• Utilize various information system verification tools to audit systems, analyze potential vulnerabilities, and identify mitigation approaches.
• Perform vulnerability scans and testing, publish remediation instructions, and track resolution.
• Provide administration support for various cybersecurity tools.
• Work closely with Internal Audit in control areas supporting SOC, ISO 27001, and product audits.
• Assist in maintaining compliance documentation, including security policies, standards, procedures, reports, etc.
• Define and improve security controls for internal systems, products, processes, and policies.
• Assist in managing the cybersecurity program to ensure all deliverables meet objectives and are on time.
• Develop memos, announcements, publications, reports, and other written and verbal communications.
• Collect metrics and leverage regular reporting to highlight cybersecurity program status, vulnerability management, and other key metrics supporting cybersecurity program.
• Create customer-facing assets to proactively support our compliance stance and demonstrate industry security best practices.
• Assist in maintaining and testing business continuity, disaster recovery, and incident response plans.
• Participate in the development and maintenance of information security awareness training.
• Conduct periodic user access reviews and internal security audits to ensure compliance.
• Supports our CISO in additional security projects as needed

About you:

Baseline skills/experiences/attributes:

• Bachelor’s degree in Computer Science, Engineering, or a related degree.
• 5+ years of relevant experience in information security with security compliance or audit-related work for software companies, ideally with SaaS-based platforms.
• Experience in Information Security policy development and risk management at healthcare and tech companies.
• Knowledge of pragmatic security controls across all domains, such as access management, encryption methods, vulnerability management, cloud security, etc.
• Certification in one or more of the following: CISSP, CISM, or CISA.
• Experience in various security standards/frameworks such as NIST, ISO27001, SOC 2, OWASP, COBIT, FedRAMP, HITRUST, etc
• Technical expertise with cloud technologies such as AWS, Azure, GCP
• Hands-on experience in achieving ISO27001 certification and SOC 2 attestation.
• Hands-on experience in security systems, including vulnerability management, identity and access management, security risk assessments, and application testing.
• Perform a wide variety of tasks in support of the role and responsibilities.

Benefits Offered:

We believe that the best way to succeed is by having a happy, motivated and healthy team. We offer the following benefits:

• Healthcare Insurance: Zero Hash covers roughly 100% of employee premiums as well as a portion of spouse/children
• Vision & Dental Insurance
• Mental Health and Wellness Program
• Equity Ownership and Early Exercise
• Maternity & Paternity Leave
• Educational budget of $1000
• WFH stipend of $500
• WeWork All Access Membership
• Visa Sponsorship
• 401k

About Zero Hash:

Zero Hash is a B2B embedded infrastructure platform that allows any platform to integrate digital assets natively into their own customer experience quickly and easily (a matter of API endpoints). We power neo-banks, broker-dealers, and payment groups to offer digital asset trading and custody, crypto-backed rewards and round-ups programs as well as yield through staking and DeFi and NFTs.

Our thesis is very simple: every financial services firm will offer digital assets within the next 2 years and will do so through platforms such as Zero Hash. Zero Hash is defining the new FinTech vertical of digital-assets-as-a-service.

Clients include MoneyLion, Wirex, Deserve, MoonPay, tastytrade, Drivewealth. Backed by Point72 Ventures, NYCA, Bain Capital, tastytrade.

The Zero Hash Culture

All Zero Hash employees are guided by the following characteristics and core principles:

• Independence/Ownership - An ability to work autonomously. Join Zero Hash, pitch ideas, and shape the work you do.
• Passion - We are innovating quickly and challenging the status quo. We want you to think big, be creative and ​make a difference every day.
• Collaborative - A good attitude and respect for others. We’re teammates, not co-workers. Everything we do is a shared success and equally a shared failure - we talk in terms of “we” not “me”.
• Initiative - An ability and passion for learning and asking questions. We will champion you, challenge you and push you to achieve your best - and we expect you to do the same.
• Empathy - An ability to listen, respect, and understand your co-workers, customers, and everyone you interact with no matter how different they are to you.
• Adaptability - An ability to respond quickly. We are in a fast-paced industry and so we expect you to be creative when solving a new problem and comfortable under pressure.
• Transparency - We believe that transparency is critical to empowering everyone to make the best decisions, both the company to its people and vice versa.
• Integrity - Integrity creates trust. As both an organization collectively and as individuals, it is our most valuable asset.

Follow us

Twitter

LinkedIn

Youtube

Blog