Small but mighty … tiny tugboats can maneuver huge ships … that’s what the crew at Tugboat Logic does time and again by leading our clients through to calm waters. Tugboat Logic sets the industry standard for InfoSec. Our mission is to make security a business advantage for every organization. As the “TurboTax” of information security, our prime directive is to help our clients in taking the misery and mystery out of security compliance. We demystify the dark art of building and managing InfoSec programs using automation, AI and powerful workflows. Most importantly, we save our clients time and money and help them become secure and compliant quickly and painlessly!
OUR CREW IS GROWING!
Are you …
- A bit of a generalist that can flex and shift as new priorities emerge?
- Highly detail-oriented and an amazing communicator?
- A team player, and enjoy collaborating with cross-functional teams?
- Experienced working in InfoSec?
- Knowledgeable in the field of audit and regulatory compliance?
- Energized working with a highly engaged team?
- Inspired by staying up to date on the latest development in InfoSec?
- Keen to work with a leading InfoSec tech start-up?
If you share our values and are looking for a rewarding career you can grow with, then this role may be for you!
We are looking for a dynamic individual who strives for order in the chaos, is motivated to continuously learn and actively exhibits the pillars of our culture – communication, collaboration, trust and fun. We value diversity and are committed to an inclusive, fair and respectful workplace. We have created an open and welcoming environment that allows every crew member to bring their complete, authentic selves to work every day, and provides opportunities to grow and reach their full potential.
The role of the Security Analyst is to support the Tugboat Logic’s Security Assurance Platform by creating new security content as well as supporting existing content with respect to various security frameworks (such as SOC 2, ISO27001, PCI DSS, NIST CSF, HIPAA, GDPR, CCPA etc.), helping customers by responding to security and privacy related questions required for the implementation of controls, assisting cross-teams with security expertise, and contributing to the ongoing improvement of the Tugboat Logic’s Security Assurance platform. This position relies heavily on your security and privacy background as well as sound and repeatable processes.
- Create content (such as policies, controls, guidance, templates, etc.) for security frameworks
- Improve and update content upon revision of frameworks or regulations (as applicable)
- Updating content-related changes in the Tugboat Logic’s Security Assurance Platform
- Provide support and guidance to customers on the management of security frameworks, control implementation and guidance
- Assist customers by responding to security and privacy-related questions
- Responding to day-to-day requests from different teams on security and compliance-related issues/questions
- Maintain up-to-date knowledge of the IT security industry
- Regularly keep apprised of new/revised or improved security solutions, processes and development of new threats and attack vectors
- Participate in internal user acceptance testing for new product releases and assist with QA efforts as needed
- Maintain detailed knowledge of Tugboat Logic’s Security Assurance Platform
- Participate in internal compliance as needed
- Perform other duties as may be assigned by the CISO
- 3+ years of experience in information security compliance/consulting/research across multiple companies and industries
- Strong passion for and experience leading security and risk-based discussions with technical and business stakeholders
- Amazing communication and writing skills
- Detailed knowledge of security risks and compliance as well as technical understanding of IT security
- Working or conceptual knowledge of security frameworks (such as SOC 2, ISO27001, PCI DSS, HIPAA, NIST CSF as well as privacy regulations)
- Working knowledge within key IT controls and risk assessment concepts
- Good understanding of audit and regulatory compliance (specifically knowledge of audit practices and methodologies)
- High-level working knowledge of security solutions such as endpoint security, DLP, SIEM, NAC, vulnerability assessments, authentication and encryption tools and what problems those solutions are designed to solve
- Ability to multi-task and work on multiple assignments at the same time while managing priorities
- CISSP, CISM, CISA or equivalent information security certifications or experience is a value add for this role
- Critical thinking skills to work through complex issues
- Driven by collaboration and teamwork
- Strong communication skills to be able to clearly explain their work to other parties
- Willingness and desire for continuous learning
- Demonstrated ability to adapt and grow
- Attention to detail
What you can expect from us …
- A fun, fast-paced and supportive work environment that respects everyone
- An inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success
- Competitive compensation commensurate with your experience and skills
- Full complement of benefits
- Opportunities for career advancement
- Remote work environment where you work remotely but don’t feel remote (offices may reopen after COVID)
- Equity participation in the company, commensurate with your role
Our expectations of this role are high, and we demand the best. In return, we provide a work environment that is professionally challenging, personally rewarding and intellectually stimulating. Guided by strong leadership, we support initiative, encourage ambition, recognize and reward talent (monetary incentives and opportunities for advancement).
We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.
Collection, use, and retention of personal information will be in accordance with Tugboat Logic, Inc. privacy policies and practices. By submitting your resume and personal information to Tugboat Logic, Inc., and/or participating in a personal interview, you acknowledge and consent to the collection, use and disclosure of your personal information by Tugboat Logic, Inc. to determine your suitability for employment opportunities.
- Remote interview process
- Social distancing guidelines in place
- Virtual meetings