This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking a skilled Senior Cybersecurity Analyst to play a pivotal role in securing enterprise systems, managing compliance programs, and mitigating risk across complex technical environments. This position offers the opportunity to impact critical business operations while collaborating with cross-functional teams, including Engineering, Product, Legal, and Customer Success. You will act as a trusted security advisor, helping translate technical and regulatory requirements into actionable strategies. The ideal candidate thrives in a fast-paced, innovative environment, combining technical expertise, project management skills, and strong communication abilities to ensure robust cybersecurity and compliance outcomes.

• Leading SOC 2 Type II audit cycles from scoping through evidence collection to final reporting, serving as the main contact for auditors.
• Coordinating HIPAA compliance assessments, including risk analyses, policy reviews, and BAA management.
• Conducting gap analyses against security frameworks (SOC 2, HIPAA, ISO 42001, NIST CSF) and developing prioritized remediation plans.
• Tracking risk mitigation progress and ensuring accountability for all corrective actions.
• Responding to enterprise customer security questionnaires and collaborating with clients on security matters.
• Supporting architecture and design reviews, ensuring systems meet security and compliance requirements before deployment.
• Developing and maintaining reusable security documentation, including trust portals, standard responses, and technical diagrams.
• Leveraging AI-assisted tools to enhance efficiency in threat analysis, evidence collection, and cybersecurity workflows.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related field.
• 6+ years of cybersecurity experience, including at least 2 years in compliance programs or audit processes.
• Hands-on experience leading SOC 2 audits through the full lifecycle.
• Practical knowledge of risk management frameworks (NIST RMF, ISO 42001, FAIR) and risk treatment procedures.
• Experience responding to enterprise security questionnaires and interacting with customers.
• Strong project management skills, capable of handling multiple priorities in a fast-moving environment.
• Excellent communication skills for translating complex security topics to technical and non-technical audiences.
• Active security certifications (CISSP and CISA preferred).

Requirements

• Experience in the healthcare industry or familiarity with healthcare data regulations.
• Knowledge of project management methodologies (PMP, Agile, Scrum).
• Familiarity with additional compliance frameworks such as ISO 27001, NIST CSF, or HITRUST.
• Understanding of DevSecOps practices and integrating security into CI/CD pipelines.

Benefits

• Competitive salary and performance-based incentives.
• Comprehensive Medical, Dental, Vision, and Life insurance.
• HSA with employer match, FSA, and DCFSA options.
• 401(k) plan.
• Flexible PTO policy and 11 paid company holidays.
• Remote-first location flexibility and annual company offsites.
• Annual equipment stipend and periodic team events.