Compliance Information Security Analyst, Mid
Whisker Labs is passionate about developing smarter solutions to hard problems, leveraging expertise in signal processing, machine learning, and artificial intelligence. We’re leading the next wave in smart home technology and fire prevention with Ting, an intelligent sensor that monitors a home’s electrical network to detect electrical hazards that often lead to the most devastating and catastrophic fires. While on the job preventing fires, Ting serves an expanding role as a fitness tracker for the home, smartly monitoring and alerting homeowners to meaningful events that impact everyday life. For more information, please visit tingfire.com.
About the Role
As a startup, we all wear several hats and are focused on execution and embrace our unifying characteristics: we have a critical mission, we have a frontline obsession, and we execute with an owner’s mindset. This role is no different.
This position is specifically responsible for helping drive SOC 1 and SOC 2 audits and managing the day-to-day responsibilities of gathering evidence, scheduling resources, coordinating with business owners and external auditors, and identifying potential audit issues/operational improvements. The role requires an understanding of and ability to assess technology and operational risks related to internal and cloud technology solutions and, at times, provide input to ITS personnel on appropriate controls to address audit risks. The position will also work with external and internal auditors, liaising between ITS and non-ITS auditees, gathering and presenting evidence as required.
Job Duties:
- Lead and manage SOC II and potentially SOX/ISO 27001/NIST evidence collection activities to meet compliance requirements.
- Lead cross-functional business and governance projects, including defining, implementing, and analyzing IT processes and procedures that support the company’s business objectives.
- Act as the privacy point person for the company (GDPR, CCPA, CPPA, etc.), ensuring policies and procedures are in compliance.
- Participate in compliance audits and assist in preparing documentation for program reviews.
- Experience analyzing and implementing compliance programs and designing and implementing processes/controls.
- Collaborate with other departments across Whisker Labs to ensure effective communication, training, and understanding of IT policies and procedures.
- Monitor IT policies to ensure compliance with all aspects of federal, state, and local laws and regulations. Maintain the policy library to ensure it is up to date.
- Suggest mitigation strategies to reduce risk to the environment.
- Research and respond to security questionnaires from potential customers.
- Evaluate waivers/exceptions to policies to ensure they are accurate and still meet their initial intent.
Required Skills:
- Strong research and analytical skills are a must.
- Experience in regulatory standards (GDPR, SOX, SOC II, ISO 27001, PCI, HIPAA, and/or NIST)
- Common knowledge of firewalls, vulnerability scans, Windows/Linux/Unix operating systems, networking components (VPCs, Security Groups, Load balancers), Cloud environments, and encryption methods.
- Unix/Windows scripting experience: Bash, Python, PowerShell, or AWS CLI.
Qualifications:
- BA or BS (or higher-level degree) in business, accounting, finance, computer science, information systems or a related discipline plus a minimum of three years' experience in a compliance, audit, or related capacity
- Advanced Technical Writing
- Knowledge and understanding of GDPR, SOX, SOC II, ISO 27001, PCI, HIPAA, and NIST standards
- Knowledge of Information Technology and Information Security Concepts.
- Ability to effectively communicate with both technical and non-technical personnel.
- Ability to interpret management, operational and technical implementation methods to determine compliance with existing controls.
- Proven team experience and comfort in a team-oriented environment.
- Passion for working with technology and excitement for creating high-quality consumer technology products
- Industry certification (e.g., CPA, CISA, CISSP, CISM, etc.)
What We Offer:
- Competitive salary range + equity
- Freedom – ability to make, own and carry out decisions
- Health, dental, and vision insurance
Whisker Labs maintains a drug-free workplace and performs post-employment/pre-employment drug testing and various background checks. Please note that, depending on the specific position applied for, you may be required to pass additional job-related medical tests, background checks, and/or other requirements.