Senior Security Compliance Analyst

 Published 2 months ago
    
 United States
    
 $126,500 - $189,500 per year

The Team:

Customers trust Iterable with their marketing and sensitive information, expecting us to safeguard their data. Iterable's security team leads a cross-functional effort across the company to ensure that all systems remain secure in support of Iterable's core values, and to provide assurance to our customers that we will be good stewards of their valued data. The Iterable security team actively collaborates and leads the effort to build Iterable's security architecture in concert with other groups as they develop or launch new features and services. As engineers, we believe in security through automation. Our footprint spans the entire company at all levels, from production to campus technology.

The Role

Sr. Security Compliance Analysts are motivated team players who will ultimately execute on work to ensure a positive security and compliance posture for Iterable. This role will have the opportunity to work directly across all Governance, Risk and Compliance programs by assisting with everything from external audits (such as SOC 2, ISO and privacy certifications) to risk assessments and managing RFPs and contract reviews. They will partner with various stakeholders across the organization to achieve the common goal of ensuring Iterable is able to meet our customers' requirements for a secure organization. You'll report directly to our Manager of Compliance.

We're looking to expand our small but growing organization with teammates who are intellectually curious and willing to embrace challenges, all while keeping our company values of Humility, Trust, Growth Mindset, and Balance top of mind. 

One of our core values is a growth mindset and Iterable is a company where everyone can grow. If this is a role that excites you, please apply as we value applicants for the skills they bring beyond a job description.

Position Details:

  • Conduct risk assessments to evaluate security, compliance, and operational risks across technical systems, third parties, and business processes.
  • Engage with stakeholders across the organization to understand business processes, assess risks, and collaboratively determine risk ratings based on impact and likelihood.
  • Assist with risk governance, working cross-functionally to identify, assess, and remediate security and privacy compliance risks.
  • Analyze the technical and business impact of identified security and privacy risks, providing clear remediation guidance.
  • Support compliance activities, including risk assessments, internal and external audits, and evidence gathering (e.g., SOC 2 Type 2, ISO 27001, CBPR, PRP).
  • Support customer trust initiatives by managing security and privacy documentation, responding to customer inquiries, reviewing contract security terms, and assisting with RFPs and RFIs to ensure transparency and compliance.

 

The Ideal Candidate Will Be/Have:

  • Working knowledge of risk assessment fundamentals (impact analysis, residual risk, mitigation strategies, etc.)
  • Technical aptitude for application and infrastructure vulnerabilities, especially in cloud environments
  • Experience assessing and advising on security and privacy risks related to systems, data handling, and infrastructure
  • Ability to analyze complex security and privacy issues, identify key risks, and provide clear, actionable recommendations.
  • Familiarity with industry-standard security and privacy compliance frameworks (ISO, SOC2, GDPR, CCPA, etc.)
  • Strong customer service mindset with the ability to communicate security and privacy risks to internal and external stakeholders.
  • Experience reviewing contracts, handling RFPs, and addressing security and compliance concerns.
  • Strong attention to detail with the ability to multitask under tight deadlines

Bonus Points:

  • Professional certifications such as CISA, CISSP, CISM, and/or CIPP 
  • Familiarity with cloud services such as Amazon Web Services

Perks & Benefits: 

  • Paid parental leave
  • Competitive salaries, meaningful equity, & 401(k) plan
  • Medical, dental, vision, & life insurance
  • Balance Days (additional paid holidays)
  • Fertility & Adoption Assistance
  • Paid Sabbatical
  • Flexible PTO
  • Monthly Employee Wellness allowance 
  • Monthly Professional Development allowance 
  • Pre-tax commuter benefits
  • Complete laptop workstation

The US base salary range for this position at the start of employment is $126,500 - $189,500. Within this range, individual pay is determined by specific US work location, as well as additional factors, including job-related skills, experience, relevant education or training, and internal equity considerations.

Please note that the range listed above reflects only base salary. The total compensation package includes variable pay (where applicable), equity, plus a range of benefits, including medical, dental, vision, and financial. In addition, we offer perks such as generous stipends for health & fitness and learning & development, among others.
