Analyst, Security

About Us:
DailyPay, Inc. is transforming the way people get paid. As the industry's leading on-demand pay solution, DailyPay uses an award-winning technology platform to help America's top employers build stronger relationships with their employees. This voluntary employee benefit enables workers everywhere to feel more motivated to work harder and stay longer on the job, while supporting their financial well-being outside of the workplace.
DailyPay is headquartered in New York City, with operations throughout the United States as well as in Belfast. For more information, visit DailyPay's Press Center.
The Role:
The DailyPay Security Analyst is responsible for supporting the development, implementation, and management of the company's governance, risk, and compliance programs. This role involves assessing risks, ensuring compliance with regulations and standards, and developing policies and procedures to protect the organization's information assets. The ideal candidate will have a strong understanding of regulatory requirements, risk management practices, and information security principles.
If this opportunity excites you, we encourage you to apply even if you do not meet all of the qualifications.
How You Will Make an Impact:

• Risk Management and Governance
  • Assist in the development and maintenance of security policies, standards, and procedures
  • Support the creation and management of governance frameworks to ensure security and compliance
  • Monitor and report on the effectiveness of security policies and procedures
  • Conduct risk assessments and identify potential security risks
  • Develop risk mitigation strategies and monitor their implementation
  • Maintain the risk register and ensure risks are regularly reviewed and updated
• Compliance
  • Ensure compliance with relevant regulations and standards (e.g., GDPR, SOX, PCI-DSS, SOC 2, ISO 27001)
  • Support internal and external audits by gathering evidence and documentation
  • Monitor changes in regulatory requirements and update compliance programs accordingly
• Security Awareness and Training
  • Develop and deliver security awareness training programs for employees
  • Promote a culture of security awareness throughout the organization
  • Ensure employees understand and adhere to security policies and procedures
• Incident Response
  • Assist in the development and maintenance of incident response plans
  • Participate in incident response activities, including investigation and documentation
  • Analyze incidents to identify root causes and recommend corrective actions
• Vendor Management
  • Assess and manage third-party vendors for compliance with security and privacy requirements
  • Conduct vendor risk assessments and ensure appropriate security measures are in place
  • Maintain records of vendor assessments and ensure they are regularly reviewed
• Documentation and Reporting
  • Develop IT General Control procedures
  • Maintain comprehensive documentation of all GRC activities
  • Prepare reports and presentations for management on GRC activities, findings, and metrics
  • Track and report on compliance and risk management initiatives.

What You Bring to The Team:

• Bachelor's degree in Information Security, Computer Science, Business, or a related field
• Relevant certifications (e.g., CISA, CRISC, CISSP, CISM) are highly desirable
• 2+ years of experience in governance, risk, and compliance, information security, or a related field
• Experience with regulatory requirements and industry standards (e.g., GDPR, SOX, PCI-DSS, SOC 2, ISO 27001)
• Strong understanding of GRC concepts and best practices
• Knowledge of risk management methodologies and frameworks
• Proficiency in using GRC tools and software
• Familiarity with security standards and regulations
• Excellent analytical and problem-solving skills
• Strong communication and interpersonal skills
• Proactive in identifying risks and developing mitigation strategies

What We Offer:

• Exceptional health, vision, and dental care
• Opportunity for equity ownership
• Life and AD&D, short- and long-term disability
• Employee Assistance Program
• Employee Resource Groups
• Fun company outings and events
• Unlimited PTO
• 401K with company match

Pay Transparency. DailyPay takes a market-based approach to compensation, which may vary depending on your location. United States locations are categorized into three tiers based on a cost of labor index for that geographic area. The salary ranges are listed by geographic tier. Additionally, this role may be eligible for variable incentive compensation and stock options. Where a candidate fits within the compensation range for a role is based on their demonstrated experience, qualifications, skills, and internal equity.
New York City
$111,000 - $144,000 USD
Remote, Premium (California, Connecticut, Washington D.C., New Jersey, New York, Massachusetts, Washington)
$102,000 - $133,000 USD
Remote, Standard
$97,000 - $126,000 USD
DailyPay is committed to fostering an inclusive, equitable culture of belonging, grounded in empathy and respect, which values openness to opinions, awareness of lived experiences, fair treatment and access for all. We strive to build and develop diverse teams to create an organization where innovation thrives, where the full potential of each person is engaged, and their views, beliefs and values are integrated into our ways of working.
We encourage people of all backgrounds to join us on our mission. If you require reasonable accommodation for any aspect of the recruitment process, please send a request to [email protected]. All requests for accommodation will be addressed as confidentially as practicable.
DailyPay is an equal opportunity employer. All qualified applicants will receive consideration without regard to race, color, religion or creed, alienage or citizenship status, political affiliation, marital or partnership status, age, national origin, ancestry, physical or mental disability, medical condition, veteran status, gender, gender identity, pregnancy, childbirth (or related medical conditions), sex, sexual orientation, sexual and other reproductive health decisions, genetic disorder, genetic predisposition, carrier status, military status, familial status, or domestic violence victim status and any other basis protected under federal, state, or local laws.