
Security & Compliance Analyst
InMarket
full-time
Location Type: Remote
Location: Remote • California, Colorado, Illinois, Massachusetts, Minnesota, New Jersey, New York, Ohio, Vermont, Washington • 🇺🇸 United States
Salary
💰 $112,500 - $125,000 per year
Job Level
Mid-Level, Senior
Tech Stack
AWS, Azure, Cloud, Google Cloud Platform
About the role
- You are the lead owner and primary executor for maintaining the company's security compliance programs, with a heavy focus on SOC 2 and ISO 27001.
- Your mission is to proactively manage evidence collection, ensure continuous control adherence, lead the technical response to all customer security questionnaires, and drive key security and policy initiatives in close partnership with the Legal department.
- Success is measured by the clarity and quality of compliance documentation, a continuous state of audit-readiness, and effective cross-functional collaboration.
- Audit-Readiness: Maintain a system of record for all required compliance evidence, ensuring documentation is accurate, complete, and immediately auditable.
- Evidence Collection: Proactively collect, validate, and organize all necessary artifacts and data to satisfy control requirements for formal SOC 2 and ISO 27001 audits.
- Control Monitoring: Review and validate the operational effectiveness of security controls across cloud, endpoint, and identity platforms.
- Questionnaire Leadership: Lead the end-to-end process for responding to all customer-facing security questionnaires, ensuring technical accuracy and consistent messaging.
- Artifact Management: Maintain and continually update a secure, up-to-date library of security policies, audit reports, and compliance certifications for customer requests.
- Policy Alignment: Work closely with the Legal department to draft, review, and update internal security policies and standards to ensure they comply with SOC 2, ISO 27001, and other regulatory requirements.
- Risk Consultation: Act as the technical security expert for Legal department initiatives related to data privacy, contractual security requirements, and vendor due diligence.
Requirements
- 3-5 years of experience in a security, compliance, or audit-focused role.
- Demonstrable experience leading or significantly contributing to a SOC 2 Type II and/or ISO 27001 certification or audit cycle.
- Proven ability to manage evidence collection and maintain a system of record for compliance artifacts.
- Technical understanding of security controls across cloud environments (AWS, GCP, or Azure), endpoint protection, and identity and access management (IAM).
- Strong organizational skills with a rigorous, detail-oriented approach to documentation and control validation.
- Excellent written and verbal communication skills, with experience responding to customer security questionnaires.
Benefits
- Competitive salary, stock options, flexible vacation
- Medical, Dental and Flexible Spending Account (FSA)
- Company Matched 401(k)
- Unlimited PTO (Within reason)
- Talented co-workers and management
- Agile Development Program (For continued learning/professional development)
- Paid Paternity & Maternity Leave
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
SOC 2, ISO 27001, evidence collection, control monitoring, security controls, cloud environments, endpoint protection, identity and access management, documentation, audit-readiness
Soft skills
organizational skills, detail-oriented, written communication, verbal communication, cross-functional collaboration, leadership, technical accuracy, policy alignment, risk consultation, customer engagement