We are seeking a Senior Security Analyst to join our team. In this role, you’ll work cross- functionally to maintain and enhance our information security program.

Who you are:

• An individual with strong communication skills
• An individual with the ability to communicate and interact with colleagues at any level within the organization
• Generally able to lead a team or give guidance.
• Subject matter expert - Is seen as a go to resource by other Security team members for best practices and knowledge of DLP systems.
• Knowledgeable in risk management concepts including data loss prevention, insider risk management, IP protection, and incident response.

What you'll be doing:

• Security program management
• Manage and improve Seismic’s DLP program.
• Design policies to govern on-premises, multicloud, and SaaS data with Microsoft Defender or Microsoft Purview (Preferred)
• Map data assets according to risk level
• Help secure a multi-cloud environment
• Vulnerability Management ticketing & remediation.
• Event Monitoring and Response with multiple applications.
• Partner with our Engineering team to ensure our infrastructure is configured to ensure security of confidential data.
• Respond to customer third party risk management information questionnaires
• Interface directly with information security personnel at customers/prospects to address requests about Seismic's data security program and our web application/integrations.
• Ensure adherence to data security commitments Seismic makes to customers.
• Drive positive outcomes for cross-functional teams and promote collaboration across departments.
• Mentor teammates on data security best practices.
• Ensure compliance with rapidly changing laws and applicable regulations

What you will bring to the team:

• 5-7+ years of experience in data security in the software industry.
• Flexibility and eagerness to work in a fast-paced environment and meet tight deadlines.
• Security certifications: CISSP certification - strongly preferred
• One or more Cloud security certifications (Azure Security Engineer, AWS Cloud Security Engineer, and/or GCP Cloud Security Engineer) – strongly preferred
• SaaS experience
• APIs – Experienced at testing and remediating API configuration (preferred)
• In-depth knowledge of Compliance standards
• ISO 27001/27002
• SOC 2 Type 2 all 5 domains
• Knowledge of some modern computing language (Python, React, C#, etc). Some scripting experience is expected
• Experience with securing application pipelines

• SIEM Knowledge – Rapid7, Splunk or similar
• Email security – Training and assistance to company employees on best practices around phish prevention, social engineering, and experience with email security systems. Knowledge of DKIM, SPF, and DMARC standards.
• Data Management skills such as SQL for log analysis.

What we have for you:

• Take time to rest and recharge w/ paid time off, paid company holidays, and end of year company shutdown
• Medical, dental, vision and 2x life insurance
• Health Savings Accounts with $1,000 Single/$2,000 Family employer contribution and employer-paid disability plans
• Paid parental leave and family caregiver leaves
• Mental health + Employee Assistance programs w/ free counseling sessions
• Access to free paid telemedicine
• 401k w/ employer match
• Equity program and performance-based bonuses
• Pre-tax commuter benefits
• Bring Your Own Device technology stipend
• Seismic Cares Program w/ charitable donation matching
• $1,000 annual professional development reimbursement
• Nine Communities of Belonging (aka employee resource/affinity groups)

#LI-LM

#LI-Remote