Information Security Analyst

Position Summary

The Senior Information Security Analyst role is an external-facing position within our Information Security team. This role will primarily be focused on supporting external audits for information security and privacy, while also playing a role in vendor risk management, privacy request management, and compliance with both internal and customer security and privacy requirements. This individual will report directly to the Information Security Director.

The right candidate will play a vital role in implementing or enhancing controls in new and existing Arkose Labs products and services, managing internal requirements for security and privacy, and providing customers with confidence in our competence in information security and privacy governance. They must must feel comfortable collaborating with both technical and non-technical staff across the entire breadth of the company. They must be able to act as an interface to colleagues on the implementation of company-wide security solutions.

They must be familiar with industry best practices and feel comfortable providing information to and advising management on the impact of regulatory requirements on security, privacy, integrity, availability, and/or disruption of service delivery.

If you’re a self-starter who wants to make a difference in a rapidly growing, world-class, cloud-native provider of an innovative cybersecurity software-as-a-service solution, we want you on board.

Must Haves

• 3+ years experience in the implementation of controls from standards such as ISO 27001, SOC 2, and/or similar security and privacy frameworks
• Previous experience supporting company security and privacy initiatives by engaging with process and system owners in the design, implementation, and monitoring of controls in computing environments as well as demonstrating those controls to external auditors
• Knowledge and awareness of recent developments in the security and privacy industry such as new vulnerabilities, standards, and regulations
• Excellent written and verbal communication skills
• Must be a self-starter comfortable with researching and investigating problems on their own while understanding when to escalate issues and engage other stakeholders as needed

Nice to Haves

• Experience with privacy standards and regulations such as ISO 27018, ISO 27701, GDPR, and CCPA/CPRA
• Strong IT background and in-depth understanding of cloud security
• Hands-on experience with the technical implementation of security and privacy controls in a cloud-native environment using tools and services such as AWS, Azure, Cloudflare, etc.
• Prior experience in the anti-fraud and abuse prevention market, or in related security technologies
• Prior startup experience

• People: first and foremost they are our most valuable resource. Our people are independent thinkers who make data-driven decisions and take ownership and accountability in all the things they do.
• Team Work. We demonstrate respect, trust, integrity, and communicate openly with a positive can-do attitude, and constructively challenge one another
• Customer Focus. We empathize with our customers and obsess about solving their problems
• Execution with precision, professionalism, and urgency
• Security. It's the lens through which we implement our processes, procedures, and programs

Arose Labs is an Equal Opportunity Employer that makes employment decisions without regard to race, color, religious creed, national origin, ancestry, sex, pregnancy, sexual orientation, gender, gender identity, gender expression, age, mental or physical disability, medical condition, military or veteran status, citizenship, marital status, genetic information, or any other characteristic protected by applicable law. In addition, Arkose Labs will provide reasonable accommodations for qualified individuals with disabilities.