Security Program Analyst

About The Position

Requirements

• Bachelor’s degree or equivalent experience in security, risk management, business, or a related field.
• 6–9 years of experience in security programs, risk management, compliance, or related operational roles.
• Strong working knowledge of security governance, risk frameworks, and compliance principles.
• Experience supporting audits, risk tracking, and documentation-driven programs.
• Proven ability to manage complex initiatives through influence and collaboration.
• Strong analytical, organizational, and written communication skills.

Nice To Haves

• Hands-on experience supporting or operating a Security GRC program in a corporate or enterprise environment.
• Familiarity with common GRC tools, frameworks, and control libraries.
• Experience operating in global or high-growth technology environments.
• Ability to translate complex security requirements into practical, scalable processes.
• Calm, detail-oriented execution in dynamic or high-visibility environments.

Responsibilities

• Lead day-to-day execution and sustainment of enterprise security programs, including governance, risk management, compliance tracking, training, documentation, and reporting.
• Support the design, maintenance, and continuous improvement of security policies, standards, procedures, and playbooks aligned with regulatory and business requirements.
• Conduct and coordinate security risk assessments, gap analyses, and mitigation planning across facilities, programs, and initiatives.
• Develop and maintain metrics, dashboards, and reporting to support leadership visibility and decision-making.
• Serve as a key contributor to security GRC activities, partnering with Legal, Compliance, Privacy, and Audit teams to meet regulatory, contractual, and internal requirements.
• Coordinate security-related audits, assessments, and evidence collection efforts, ensuring documentation is accurate, complete, and audit-ready.
• Maintain security risk registers, track remediation activities, and ensure timely follow-up and documentation.
• Coordinate corporate security training and awareness programs, including onboarding, role-based training, tabletop exercises, and refresher sessions.
• Partner with stakeholders to ensure training content aligns with evolving risks and compliance requirements.
• Track training participation and effectiveness, identifying opportunities for improvement.
• Own and maintain security program infrastructure, including SharePoint sites, document repositories, workflows, and knowledge management tools.
• Ensure documentation quality, version control, and accessibility across security programs.
• Develop and manage project plans, timelines, and dependencies for multiple concurrent security initiatives.
• Apply structured project management practices to support consistent and predictable execution.
• Act as a trusted partner to cross-functional teams by providing guidance on security program requirements, documentation, and risk considerations.
• Lead working sessions and coordinate deliverables across stakeholders without direct authority.
• Identify program risks, gaps, or inefficiencies and proactively escalate with data-driven recommendations.

Benefits

• Competitive salary and 401(k) with employer match
• Discretionary paid time off
• Paid parental leave for all
• Medical, Dental, Vision insurance
• Fitness programs and wellness support
• Learning & development opportunities
• Office snacks and collaborative spaces