Security and Compliance Analyst

Denver, CO

Applications have closed

Sumo Logic

Sumo Logic provides best-in-class cloud monitoring, log management, Cloud SIEM tools, and real-time insights for web and SaaS based apps.

As a Security and Compliance Analyst at Sumo Logic, you will join a growing team to design, implement, and coordinate programs to promote user trust and manage risks to their data. You will work with teams across the organization, from Product Development to Sales to Customer Experience, to manage risks to critical assets and users alike. You will work in depth with other parts of the business to ensure Sumo Logic meets our security, privacy, and regulatory commitments.

 

WHAT YOU’LL BE DOING:

  • Work with essential players, performing and improving the current control environment, promoting security awareness, monitoring metrics to measure control effectiveness, and working on other projects based on specialized plans.
  • Promote awareness of security and control issues among management and ensure sound principles are reflected in our vision and goals.
  • Provide input to the company's annual security risk assessment activities, which include identifying the methodology, information assets, threats, and vulnerabilities; evaluating the risks; facilitating the residual risk remediation plan; and following up thereafter.
  • Manage audits for various frameworks, from pre-engagement through planning, fieldwork, testing, review, reporting, and the risk treatment process.
  • Conduct third-party security risk assessments as part of onboarding and annually as needed.
  • Execute and manage various audit, compliance, and risk assessment programs within GRC tools.
  • Coordinate with and support the sales team by answering security-related questionnaires.
  • Improve design and operating effectiveness for internal control systems, processes, and policies.
  • Perform other related duties as required.

 

 WHAT YOU BRING:

  • Experience building or maintaining programs to mitigate risks around security, privacy, integrity, and availability.
  • Familiarity with and experience conducting internal audits and assessments of infrastructure running in the public cloud (AWS experience preferred).
  • Strong understanding and experience working in multiple compliance frameworks such as PCI DSS, SOC2, ISO 27001, and FedRAMP.
  • Familiarity with a broad range of technical concepts relevant to cloud computing environments, such as microservices, CI/CD pipelines, containers, secure coding principles, security architecture, information security, network security, privacy, and cloud governance.
  • Strong project management and organizational skills - must drive your own projects to completion.
  • Ability to work with important players at all levels of the business to determine adherence to regulatory and compliance requirements.
  • Great people skills and ability to work well in a fast-paced team environment with a wide range of technical and non-technical teams.
  • Excellent writing, communication, and organizational skills - strong attention to detail.
  • Passion to aim higher and develop new skills.
  • Ability to wear different hats, providing security advisory on controls and compliance frameworks while collaborating with the engineering team.

 

Equal Pay Statement:

The pay range for this role based in Colorado will be $80,000-$120,000 (Base + Commission Target). This role will also include equity and benefits.

ABOUT US

Sumo Logic, Inc. (NASDAQ: SUMO) empowers the people who power modern, digital business. Through its SaaS analytics platform, Sumo Logic enables customers to deliver reliable and secure cloud-native applications. The Sumo Logic Continuous Intelligence Platform™ helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers around the world rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com.




Tags: Analytics Audits AWS CI/CD Cloud Compliance FedRAMP Governance ISO 27001 Microservices Monitoring Network security PCI DSS Privacy Risk assessment SaaS SOC 2 Vulnerabilities

Perks/benefits: Startup environment Team events

Region: North America
Country: United States