Senior Security Compliance Analyst

NetBrain Technologies Inc

Full Timesenior Hybrid

Burlington, MA | HybridPosted 3 days ago

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

AWSGCPAzureTerraformSaaS

Job Description

<div class="content-intro">Founded in 2004, NetBrain is the leader in no-code network automation. Its ground-breaking Next-Gen platform provides IT operations teams with the ability to scale their hybrid multi-cloud connected networks by automating the processes associated with Diagnostic Troubleshooting, Outage Prevention and Protected Change Management.  Today, over 2,500 of the world’s largest enterprises and managed services providers leverage NetBrain’s platform.</div>What We Need We are seeking a security and compliance leader to build and operationalize a scalable security program for our SaaS environment. This role will define policies, drive alignment with frameworks such as SOC 2, ISO 27001, and NIST, and partner cross-functionally to embed compliance into engineering, infrastructure, and business processes. You will own risk management initiatives—including third-party risk, control testing, and audit readiness—while ensuring the organization is prepared for certifications and regulatory requirements. Additionally, you will enhance our security posture through automation, continuous monitoring, and proactive improvements to mitigate evolving threats and compliance risks.   What You'll Do Security Program & Compliance <ul data-start="1970" data-end="2218"> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="1vmf1wj" data-start="1970" data-end="2104">Own and scale the company’s SaaS security and compliance program, aligning to frameworks such as SOC 2, ISO 27001, NIST, and GDPR.</li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="wo7me3" data-start="2105" data-end="2218">Define and implement security policies, standards, and controls to meet regulatory and business requirements.</li> </ul> Risk Management & Audits <ul data-start="2249" data-end="2481"> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="1kkwt1k" data-start="2249" data-end="2357">Lead risk management efforts, including third-party risk assessments, control testing, and gap analysis.</li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="dzxir4" data-start="2358" data-end="2481">Drive audit readiness and execution, coordinating evidence collection and remediation for internal and external audits.</li> </ul> Policy Integration & Enablement <ul data-start="2519" data-end="2744"> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="3hqcnk" data-start="2519" data-end="2626">Embed security and compliance requirements into engineering, infrastructure, and operational workflows.</li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="24vf17" data-start="2627" data-end="2744">Partner cross-functionally with engineering, legal, and business teams to align on security and compliance goals.</li> </ul> Security Engineering & Continuous Improvement <ul data-start="2796" data-end="3055"> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="1v175dl" data-start="2796" data-end="2938">Partner with engineering to implement technical safeguards (e.g., access controls, logging, encryption) and automate compliance processes.</li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-section-id="1habi3f" data-start="2939" data-end="3055">Continuously monitor evolving threats and regulations, proactively strengthening the company’s security posture.</li> </ul>     What You Bring <ul> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">4+ years of experience in information security, compliance, or related technical roles. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Strong knowledge of security frameworks and regulations (e.g., ISO 27001, SOC 2, NIST, PCI-DSS, HIPAA, GDPR). </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Hands-on experience with cloud environments (AWS, Azure, or GCP) and related security services. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Familiarity with auditing, logging, monitoring, SCA, DAST, SAST and vulnerability management tools. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Excellent documentation, communication, and collaboration skills. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Security certifications (e.g., CISSP, CISM, CISA, CCSK, or equivalent) preferred. </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Experience with automation tools for compliance (e.g., Terraform, Cloud Custodian, or compliance-as-code frameworks) </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Background in DevSecOps or secure software development practices preferred.  </li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Manual Dexterity: Repetitive motion of wrists, hands and fingers for using a computer.</li> <li style="font-size: 12pt; font-family: 'trebuchet ms', geneva, sans-serif;" data-leveltext="" data-font="Symbol" data-listid="16" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Stationary Tasks: Sitting for extended periods, remaining in a stationary position.</li> </ul>   What We Offer Our comprehensive compensation package is vital in how we recognize our people for the impact they make on us reaching our goals as a company. For this role, the estimated base is $140,000 - $180,000 + Bonus. The actual salary may vary based on a range of factors, including market and individual qualifications objectively assessed during the interview process. The range listed above is a guideline and may be modified. People Experience offers a comprehensive benefits package in addition to cash compensation that includes but is not limited to 401k and medical/dental coverage. Speak with your Recruiter for more details on our Total Rewards philosophy.  <div class="content-conclusion">NetBrain invites all interested and qualified candidates to apply for employment opportunities. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or other characteristics protected by law. If you have a disability that prevents or limits your ability to use or access the site, or if you require any other accommodation in the application process due to a disability, you may request a reasonable accommodation. To make a request, please contact our People Team at: <a href="mailto:people@netbraintech.com">people@netbraintech.com</a> and we will be happy to assist you. In compliance with applicable laws, NetBrain conducts holistic, individual background reviews in support of all hiring decisions. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.  </div>