Information Security Analyst

Hopin

At Hopin, we’re reimagining virtual events. As the first all-in-one virtual venue for live online events, Hopin brings people together in a highly interactive and engaging online experience that feels just like an in-person event, only without the barriers. Whether it’s a 50-person meetup, or a 50,000-person conference—any type of event organizer can host a Hopin event for their attendees, speakers, sponsors, and vendors to convene, learn, and interact face-to-face online. We’re spearheading the innovative technology that is enabling people to gather online like never before.

Our mission is simple: better connections for a better planet. We believe in events without limits, but events that are sustainable and accessible to everyone—and fun, too! To do this, we need passionate builders and storytellers to join us. Do you love people and technology and the magic that happens when they converge at scale? Do you have the skills and experience we’re looking for to better serve our clients? If so, we’d like to meet.

We’ve recently been funded by Accel, Northzone, Seedcamp, Web Summit’s Fund and Slack Fund, and a number of high-profile angel investors participated, including Supercell founder Ilkka Paananen, UiPath founder Daniel Dines, Intercom founder Des Traynor, GoCardless COO Carlos Gonzalez-Cadenas and Miro founder Andrey Khusid.
 
The Role 
As an Information Security Analyst at Hopin you will be a part of a team that designs and implements policies, systems and solutions to protect Hopin and its customers. You will be exposed to a diverse and collaborative team; coordinating with Sales, Infrastructure, Legal, Engineering, and Business Operations as well as external clients. You will actively participate in the ongoing design, documentation, implementation, and monitoring of IT controls in our environments as well as demonstrating adherence to these controls to external auditors.
The Security team is small and we are looking for someone who is a motivated self-starter who is inspired by the idea of building new systems to support a rapidly growing platform. We are a remote-first company with staff in more than a dozen countries. We operate around the clock and strive to support flexible hours and schedules. This role will involve interacting with our Sales team and external customers and will involve availability during either London, UK or New York business hours.
Responsibilities 
  • Participate in planning, scheduling and preliminary analysis for all internal and external audit projects.
  • Complete Vendor Risk Assessments both inbound and outbound.
  • Work with external and internal audit teams to manage and support audits.
  • Complete audit testing, inquiry, observation and other analysis required to meet objectives of audit projects.
  • Update existing policies and procedures as audit and security requirements evolve.
  • Communicate the progress and results of audits throughout the engagement.
  • Contribute to and develop value added recommendations to address issues.
  • Automate manual tasks and improve customer experience.
  • Monitor implementation of outstanding audit recommendations and validate their implementation.
Qualifications
  • Understanding of global data protection laws, standards, and associated frameworks (e.g. GDPR, CCPA, and APEC CBPR).
  • Exposure to the following regulatory and compliance frameworks: SoC1 and SoC2 (SSAE16), ISO2700x, FedRamp, COPPA, ITIL, NIST, SOX, PCI DSS.
  • Experience operating a vendor risk program.
  • Familiarity with Cloud Infrastructure technologies (AWS, GCP, Heroku).
  • Experience in a heavily SaaS/PaaS environment.
  • The ability to quickly acquire and apply knowledge of changing technologies is essential.
  • Strong verbal and written communication skills.
  • Ability to translate Controls & Requirements into actionable technical specifications.
  • Have the ability to use a risk-based audit approach in evaluations of and recommendations for management processes.
  • Ability to present audit findings and recommendations in a manner that will be understood and accepted by all involved parties.
  • Ability to manage dynamic priorities, accurately and actively set expectations with partners.
Nice to Have
  • Bachelor's degree in Information Systems or related field, or equivalent experience.
  • Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC).
  • Certified in Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), CPA, and/or CIA.
  • Privacy certifications such as CIPP(US/E) and CIPT.
  • Competency in a scripting or programming language.
The Offer 
  • Competitive salary
  • Fully remote team, work from any corner of the world
  • Flexible schedules
  • Laptop assigned, Mac or DELL XPS
  • 800 USD for Home-Office set up