Information Security Compliance Analyst
San Francisco, California or New York City
Notion
A new tool that blends your everyday work apps into one. It's the all-in-one workspace for you and your team.About Us:
We're on a mission to make it possible for every person, team, and company to be able to tailor their software to solve any problem and take on any challenge. Computers may be our most powerful tools, but most of us can't build or modify the software we use on them every day. At Notion, we want to change this with focus, design, and craft.
We've been working on this together since 2016, and have customers like Pixar, Mitsubishi, Figma, Plaid, Match Group, and thousands more on this journey with us. Today, we're growing fast and excited for new teammates to join us who are the best at what they do. We're passionate about building a company as diverse and creative as the millions of people Notion reaches worldwide.
About The Role:
Notion’s Information Security team’s mission is to serve as the cornerstone by which Notion demonstrates its appropriate stewardship of the data entrusted to it. The Information Security GRC team is a hands-on organization and our primary function is to reduce risk to Notion, continuously level up our ability to compliance with regulations and industry standards and promote a security first culture.
The Information Security Compliance Analyst can help execute a wide range of assessments, establish baseline controls, assist with automating processes and promoting continued maturity across the organization.
What You'll Achieve:
- Assist with day to day automations of our internal GRC systems
- Bring our unified controls framework to life
- Assist the team with reviewing and tracking outstanding findings as they relate to policy, procedures and risk gaps
- Develop processes for monitoring and reporting on the status of controls and risk issues
- Promote security first through trainings and other internal messaging or newsletters
Skills You'll Need to Bring:
- At least 5 years of relevant experience and an understanding of Information Security and Governance Risk and Compliance (GRC) terms and terminology
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff
- Working knowledge of Information Security concepts such as risk management, control gap assessments, threat modeling, security automation, cloud security, security architecture, and incident response
- Familiarity with common technical security controls and control frameworks such as ISO 27001/2, HIPAA/HITECH, GDPR, SOC2, and NIST 800-53
Nice to Haves:
- Certifications like CISSP, CISA, or CRISC is a plus
- Having used Notion is a bonus
Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Notion.
Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please let your recruiter know.
#LI-Onsite
Tags: Automation CISA CISSP Cloud Compliance CRISC GDPR Governance HIPAA Incident response ISO 27001 Monitoring NIST Risk management SOC 2
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs