Information Security Analyst

Conga•Boston, MA

7d•Hybrid

About The Position

Conga is seeking an Information Security Analyst to help shape and maintain a robust information security program. In this role, you’ll work closely with stakeholders across the company to identify and remediate security issues, promote awareness, and ensure compliance with legal, regulatory, and customer requirements. You’ll be part of the Security & Compliance Team, but also operate independently, managing alerts, vulnerabilities, incident response, and risk assessments. Your day-to-day will involve hands-on security operations, cross-functional collaboration, and continuous improvement of security practices. Why it's a big deal….. This role is critical to protecting Conga’s information assets and maintaining trust with customers and partners. By proactively managing threats, vulnerabilities, and compliance, you’ll help safeguard the company’s reputation and ensure business continuity. Your work directly supports Conga’s strategic goals by enabling secure innovation, enhancing customer confidence, and fostering a culture of security awareness across the organization.

Requirements

Bachelor’s Degree in Computer Science, Cybersecurity, Engineering, or other relevant subject areas OR equivalent experience.
3-4 years of experience in information security, preferably with a focus on IT and product security.
Foundational knowledge of cloud security principles (AWS, Azure, GCP), DevSecOps practices, and secure software development lifecycle (SDLC).
Hands-on experience with application security and vulnerability management practices.
Foundational knowledge of at least one or more security/compliance frameworks such as ISO 27001, ISO 27701, SOC, PCI, HIPAA, etc.
Understanding of privacy frameworks such as GDPR, CCPA, CPRA, etc.
Strong communication and interpersonal skills. You’re not just comfortable engaging in collaborative discussions, but initiating them, too, communicating clearly and concisely while leveraging strong listening skills to gather accurate information and resolve issues efficiently.
Cross-Functional Collaboration. You know how to build strong relationships across Cloud Ops, Engineering and IT teams. teams. You communicate priorities and goals clearly, helping both technical and non-technical stakeholders stay aligned and moving in the same direction.
Detail oriented. Consistently ensures accuracy in security assessments, documentation, and incident response processes, minimizing risk and maintaining high standards of compliance.
Self‑starter. You take a proactive approach, independently identifying and addressing work‑related tasks to ensure continuous progress and timely delivery.