Senior Security & Compliance Analyst

What You’ll Do

• Maintain a deep understanding of our platform and its supporting infrastructure and processes, as well as how our compliance obligations apply to that environment.
• Provide responses to and maintain reference material for customer inquiries and due diligence procedures that involve technology compliance and participate in discussions for security and compliance assessments.
• Continuously confirm and refine MNTN’s internal control framework and related documentation (e.g., policies, procedures, narratives, training material) and contribute to ongoing controls development and improvement.
• Own evidence collection for our various audits, especially SOX and SOC2.

What You’ll Bring

• 5+ years of security or compliance analysis, or assurance/advisory experience, including building controls in the technology space.
• A thorough understanding of technical environments, and the ability to communicate with subject matter experts about technical and operational security controls.
• Experience mapping and rationalizing controls to meet requirements across multiple information security/technology compliance standards (SOX, SOC2, ISO 27001, GDPR, IT General Controls).
• Excellent written and verbal communication skills to communicate details of a security program to a wide spectrum of audiences, including customers.
• Strong analytical skills and attention to detail.
• Flexible and can adapt to a changing environment.
• Self-directed and take initiative on projects and tasks, and in identifying gaps related to security controls, with minimal day-to-day oversight/direction.
• Knowledge of Amazon Web Services, Google Cloud Services, and Container technologies.
• CISA, CISM, CISSP, or related certification.
• Experience using governance, risk management, and compliance (GRC) tools.