Limeade is an employee experience software company that helps build great places to work. Our platform unifies employee well-being, engagement, and inclusion solutions with industry-leading communications capabilities. Recognized for its own award-winning culture, Limeade helps every employee know their company cares. To learn more, visit www.limeade.com.
We're committed to creating a mission-driven, positive and inclusive culture of improvement made up of the best and brightest people in the business. And we've got the awards to back it up: Puget Sound Business Journal ranked us #1 Best Workplace in Washington, and Seattle Business ranked us one of the top three Best Companies to Work for in Washington State. In addition, we're one of the fastest-growing companies in North America (Deloitte's Technology Fast 500™), and Fortune magazine recognized us as a Best Workplace for Women. Limeade is a global company that embraces a distributed workforce and has users in more than 100 countries. Our headquarters are in Bellevue, WA.
About the role:
This role can be fully remote.
This opportunity is open to those legally authorized to work in the United States and Canada.
Limeade is seeking a Security Governance Risk & Compliance (GRC) Analyst for our Security and Operations team. This position completes and maintains security documentation and provides functional support for the Security Department. Responsibilities include, but are not limited to, responding to client inquiries (RFI/RFP responses, Due Diligence Reviews (DDRs), and related IT/Security Questionnaires), performing risk assessments against security frameworks and regulations, providing audit response and remediation, gathering data and reporting on organizational risk, administration of the risk register and acceptance process, preparation and management of security policy documentation, vendor management, and overseeing the vulnerability management and remediation process.
Reporting to the Chief Information Security Officer, this position interacts with the Security and Operations team as well as with a wide range of internal subject matter experts (SMEs), Sales Directors, Proposal Managers and the Customer Support team.
- Manage compliance monitoring, including inventory, vulnerability management, security training, continuous monitoring and reporting, and other recurring compliance activities
- Manage security information gathering (SIG) requests by ensuring accurate and timely vendor and data partner responses
- Clear, concise, and timely responses to client security questionnaires, RFI/RFP responses, due diligence reviews (DDRs), and related IT/Security compliance documentation.
- Establishes and manages libraries of technical content to quickly and accurately respond to client questions, including ensuring content is kept accurate and up to date.
- Assist and support security policy and procedure maintenance and documentation improvements
- Evaluate vendor and service provider compliance with Limeade security requirements and contractual obligations through annual review.
- Investigate and document incidents, and ensure appropriate remediation and notification where applicable
- Obtains, analyzes and evaluates existing documentation, previous reports, data, flowcharts, etc.
- Ensure compliance with client contracts, policies and procedures.
- Constantly be on the lookout for ways to improve processes to provide more effective and efficient service.
- Provide additional support for internal Security and Operations projects and activities as required.
- Ability to demonstrate our values in an ongoing and consistent way
- BA or BS from an accredited University or relevant Security Certification (CISM, CISA, CISSP)
- 1-3+ years of experience in technical writing
- 1-3+ years working in the Enterprise IT/Cloud computing industry, working with technical leads, software developers, solution architects, etc.
- 1-3+ years in Information Security or Governance, Risk, and Compliance (GRC) role
- Understanding of security frameworks such as NIST and ISO
- Experience with third-party audits, such as SOC2 and ISO27001
- Experience with MS Office Suite
- Experience meeting tight deadlines with limited resources
- Strong organizational skills
- Strong proofreading skills
Limeade provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Limeade will provide reasonable accommodations for qualified individuals with disabilities.
Please Note: Limeade is currently unable to support visa sponsorship for those living in the United States and working under an H1B visa.