Sec Ops Analyst III (Compliance Focused)

At Mitratech, we are a team of technocrats focused on building world-class products that simplify operations in the Legal, Risk, Compliance, and HR functions of Fortune 100 companies. We are a close-knit, globally dispersed team that thrives in an ecosystem that supports individual excellence and takes pride in its diverse and inclusive work culture centered around great people practices, learning opportunities, and having fun! Our culture is the ideal blend of entrepreneurial spirit and enterprise investment, enabling the chance to move at a rapid pace with some of the most complex, leading-edge technologies available.

Given our continued growth, we always have room for more intellect, energy, and enthusiasm - join our global team and see why it's so special to be a part of Mitratech!

Job Description

Mitratech is a proven global technology partner for corporate legal and compliance teams. Our approach to work is proactive, collaborative, and committed. The professionals who are thriving at Mitratech are people like you who know how to balance individual excellence with teamwork. We believe our employees’ enthusiasm fuels great work, so we pursue individuals with a passion for building an environment of ownership, transparency, and continuous improvement as well as a dedication to driving the best possible experience for our clients. In other words, if you like people and technology, you'll fit right in.

The Sec Ops Analyst III is part of the Security Operations (Sec Ops) team. Reporting to the Director of Sec Ops, this role will contribute to organizational audits, internal assessments, information gathering, security questionnaire documentation, compliance suggestions, and client assessments. The Sec Ops Analyst III provides leadership, guidance, recommendations, processes, and reporting regarding risk, security, and policy compliance. This position will be providing critical information to both the Sec Ops and the GRC teams at Mitratech.

Essential Duties & Responsibilities:

• Work closely with network and systems administrators, other functional area architects and developers to ensure adequate security solutions, processes and accountability are in place.
• Writing of Policies, Procedures, and Assessment reports.
• Gather and organize internal asset information for creation, augmentation and maintenance of client security questionnaire templates used for third party audits and client requests.
• Identify needs and opportunities for improving the company’s security posture.
• Perform periodic security audits and various tasks to ensure corporate, client, and regulatory compliance.
• Work with developers and IT personnel to assist with identified security vulnerability mitigations.
• Participation in applicable trade groups or forums.
• Coordinate annual SOC2 Audit, including collaboration with internal stakeholders and external vendors.
• Collaborate cross-functionally to maintain product-specific ISO 27001 certifications.
• Coordinate annual application and network penetration testing including collaboration with internal stakeholders and external vendors.
• Facilitate annual cybersecurity assessment for all Mitratech products.

Requirements & Skills:

• Experience with regulatory compliance IT frameworks, including SOX; GLBA; PCI-DSS; ISO 27001/27002, FFIEC IT Handbooks, COBIT, and ITIL.
• Excellent communication skills (verbal and written) with the ability to flex communication styles based on audience, including internal and external stakeholders.
• Knowledge of emerging technology concepts, strategies, and methodologies.
• Understanding of applicable laws, regulations, and information security trends.
• Customer-centric approach while applying high-level business objectives.
• Critical thinking and problem-solving abilities to drive technical, process, and people-oriented solutions across the enterprise.
• Ability to negotiate and justify compromises between risk, business, and technology needs.
• Ability to multitask, strong attention to detail, self-motivated willingness to take initiative and ownership.

Education:                         

• CISSP highly desirable
• CISA or CISM is highly desirable
• Security+ or similar certification is a plus
• Cybersecurity specific degree is a plus

Compensation

Mitratech remains committed to equitable and transparent pay practices. Final base salary offered may vary from the range listed and will be determined after carefully considering multiple factors during the hiring process, including location, relevant experience and education, required competencies and skill proficiency level, and review of internal equity. We encourage candidates to apply even if they may not meet all listed requirements.

We will disclose intended pay ranges in our job ads for US-based opportunities– This role can be performed 100% remote anywhere in the US. Anticipated Pay Range: $100,000 – $110,000 Annually USD

Total compensation includes US employee benefits, and annual bonus eligibility.  

Benefits we offer:

• Health, Dental & Vision Insurance
• 401k + Employer Match
• PTO + 11 Paid Holidays + 4 Annual Paid Global Wellness Days Off
• STD, LTD & Group Life Insurance
• Paid Parental Leave
• Pet Insurance
• FSA & HSA Options
• Employee Assistance Program

Perks we offer:

• Remote Work
• Career Advancement & Professional Development Opportunities
• Employee Recognition

The position will remain posted until a candidate has been hired, or we may pull the job ad at any time due to volume of qualified applicants.

Mitratech is proud to be an EEOE, M/F/D/V, and we are committed to diversity both in practice and spirit at the corporate level. Mitratech participates in the Electronic Employment Verification Program. E-Verify is an Internet-based system that compares information from an employee’s I-9 to data from the U.S. Department of Homeland Security and Social Security Administration Records. To learn more, visit: everify.com

We are an equal-opportunity employer that values diversity at all levels. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity, disability, or veteran status.