dnsfilter
Country: USA
Salary: 120 000 $ – 135 000 $
Remote · Full-time

Security & Compliance Analyst

AI assessment

An excellent position for a GRC specialist who does not want to lose technical skills. A high salary for the US, a remote work format, and the culture of a fast-growing startup make this vacancy very attractive.


Vacancy from Quick Offer Global, a list of international companies

Vacancy difficulty

AI assessment

The role requires a combination of deep compliance knowledge (SOC 2, Vanta) and practical skills in security operations. The candidate needs experience specifically in SaaS startups and must be able to run an audit independently.

Salary analysis

Median: 130 000 $
Market: 110 000 $ – 155 000 $
AI assessment

The offered salary ($120k - $135k) is fully in line with the market level for mid-level and senior GRC specialists in the US, especially in the SaaS sector. It falls within the median range for growth-stage companies.

Cover letter

I am writing to express my strong interest in the Security & Compliance Analyst position at DNSFilter. With over 4 years of experience in GRC and security operations within the SaaS sector, I have a proven track record of leading successful SOC 2 Type II audits and managing compliance automation platforms like Vanta. My background perfectly aligns with your 70/30 split between governance and hands-on security operations, as I enjoy both the strategic oversight of risk management and the technical challenges of access management and security observability.

In my previous role, I not only maintained compliance frameworks but also actively collaborated with engineering teams to improve device posture and identity provider configurations. I am particularly drawn to DNSFilter’s mission of revolutionizing network security through AI-driven threat intelligence. I am confident that my experience in vendor security reviews and policy management, combined with my technical curiosity, will allow me to contribute immediately to your team's success and help maintain the high security standards your customers expect.

Job description

DNSFilter’s mission is to protect our customers and partners with products they love to use! We are revolutionizing network security by providing fast, accurate, and reliable threat protection and content filtering. We're a rapidly growing company dedicated to creating a safer internet for businesses and organizations worldwide. Leveraging AI-driven threat intelligence, DNSFilter empowers our customers to proactively block threats before they impact their networks. We foster a collaborative, innovative, and results-oriented culture where every team member contributes to our mission of making the internet safer.

As we continue our product-fueled growth by adding new features and broadening our solution to meet the needs of the global market, it's clear there's a missing piece. That's where you come in!

We are looking for a Security & Compliance Analyst to own our compliance program and contribute to hands-on security operations. This is a hybrid role that comprises roughly 70% Governance, Risk, and Compliance and 30% Security Operations. You will be the person who keeps our compliance engine running while also rolling up your sleeves on projects related to access management, device posture, and security observability. This is not a role where you'll just be writing policies no one reads. You'll work alongside the rest of the security team, touch real systems, and directly improve our security posture; not just document it.

Eligible candidates have and can work successfully in a small to mid-sized fast-paced, hyper-growth, SaaS start-up or scale-up organization. This is a full-time role with a preference for candidates in the United States.

We recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If you feel like this job is for you, please apply. We believe diversity of experience and skills, including transferable skills, combined with passion, is a key to innovation and excellence; therefore, we encourage people from all backgrounds to apply to our positions!

At DNSFilter, you will:

Own Governance, Risk, and Compliance:

  • SOC 2 audit program - Drive our annual Type II audit end-to-end: evidence collection, auditor selection & coordination, remediation tracking, and readiness assessments
  • Compliance platform management - Own our Vanta instance as the primary admin: monitor controls, resolve alerts, maintain integrations, improve our trust center, and keep evidence collection automated
  • Customer security questionnaires - Respond to customer security assessments, RFPs, and due diligence requests
  • Vendor security reviews - Evaluate third-party vendors for security risk, manage the vendor review pipeline, and work cross-team to maintain our approved vendor registry
  • Policy management - Maintain, update, and drive approval cycles for security policies, standards, and procedures

Contribute to Security Operations:

  • Security observability - Improve our ability to detect and respond by working on logging, alerting, and tuning
  • Access management & device posture - Help implement and improve IdP configurations, access management, and endpoint compliance policies
  • Misc security projects - Support other security team members on larger initiatives as capacity allows

To qualify for this role, you have:

  • 3–5 years in a GRC, compliance, or security analyst role at a SaaS or technology company
  • Hands-on admin-level experience with a compliance automation platform (Vanta, Drata, Secureframe, or similar)
  • Led or significantly contributed to at least one SOC 2 Type II audit cycle
  • Have led or substantially participated in at least one large technical project or deployment
  • Strong written communication
  • Self-directed and organized

Strong bonus points for:

  • Experience with identity providers (Okta, Azure AD/Entra, Google Workspace) at an admin or configuration level
  • Experience with GDPR or other data privacy frameworks
  • Familiarity with endpoint management tools (Jamf, Intune, Kandji)
  • Exposure to SIEM or log management platforms
  • Experience working in this role at a SaaS organization in the 100–500 employee range

We Offer:

  • Pathway to promotion to additional organizational positions and responsibilities based upon results and performance, not just time in the chair. You help us grow, and we will help you grow.
  • Passionate and intelligent colleagues who work hard and have a good time doing it
  • Paid company-wide week off at the end of each year
  • Flexible Vacation Policy
  • Awesome company swag
  • Full medical, dental, and vision benefits for US, UK, and Canada-based employees
  • Full short-term disability and life benefits; available long-term disability
  • Retirement savings account options with vested company matching for qualifying employees
  • In-person annual gatherings. Last time we all spent a week on a beach in the Dominican Republic!

DNSFilter is a pay-for-performance organization, which means there is an opportunity to advance your compensation based on performance over time. The hiring base pay is dependent on several factors, including level, function, training, transferable skills, work experience, business needs, and geographic location. As a hybrid company, our compensation reflects the cost of labor across several U.S. and global geographic markets. We pay differently based on those defined markets. Our Talent Team can share more about the specific salary range for the job location during the hiring process.

DNSFilter participates in the E-Verify program.

At DNSFilter, we utilize sophisticated software and tools to identify and eliminate Deepfake candidates. This approach helps us maintain the integrity of our hiring process, ensuring that we select the most qualified and genuine individuals to join our team.

U.S. hiring salary range

$120,000—$135,000 USD

Skills

  • GRC
  • SOC 2
  • Vanta
  • SaaS Security
  • Access Management
  • Identity Management
  • Okta
  • Azure AD
  • Google Workspace
  • Jamf
  • Intune
  • SIEM
  • GDPR

Possible interview questions

Checks hands-on experience with the main compliance automation tool named in the vacancy.

Tell us about your experience administering Vanta or a similar platform: which integrations did you configure, and how did you handle critical alerts?

The vacancy involves owning the SOC 2 Type II audit process end to end.

Describe your most difficult SOC 2 Type II audit cycle: what difficulties did you run into when collecting evidence, and how did you resolve them?

The role is 30% SecOps, including access management.

What experience do you have configuring IdPs (for example, Okta or Azure AD) to enforce security policies and conditional access?

Assesses the candidate's ability to analyze the risks of third-party services.

How do you structure the vendor security review process so that it does not slow down business processes but still minimizes risk?

Checks communication skills and experience working with customers.

How do you approach responding to lengthy security questionnaires from large enterprise customers (Customer Security Questionnaires)?
