Senior Information Security Analyst

iManage•Chicago, IL

20h•$100,000 - $150,000•Hybrid

About The Position

We offer a flexible working policy that supports a healthy balance between personal and professional well-being. This role requires in-office presence on Tuesdays & Thursdays to collaborate, connect, and learn from peers - while also maintaining the flexibility for meaningful work-life balance. Being a Senior Information Security Analyst at iManage Means… You are a dynamic Information Security analyst excited and ready to take your Information Security career to the next level. You are comfortable working with a broad range of stakeholders; IT, engineering, security operations, marketing, pre sales and customer security compliance teams. As a member of our Information Security team, you will have no shortage of interesting and varied security projects to work on and learn from. You will collaborate with the team on our security governance, risk, compliance and trust objectives, author our security documentation, collect and develop periodic compliance and security metrics. In addition, you will translate external security standards into actionable requirements for operations and engineering teams and identify security risks. Here is what one of our leaders, Head of Information Security (Michael Hall), has to say about the role: ”Our team is dedicated to not only protecting our cloud platform but also fostering a culture that values people and their growth. We work with incredible customers across a wide variety of industries, providing unique and exciting security challenges every day. If you're looking for a role that offers the chance to work with industry experts then this is the place for you! Come and be a part of a team where your contributions are valued, and your development is a priority."

Requirements

Bachelor’s degree in Cybersecurity, Engineering, Computer Science, IT or equivalent experience.
Demonstrable experience in information security compliance, GRC, or cloud security roles with direct FedRAMP involvement.
Hands-on experience with: FedRAMP Moderate and/or High baselines NIST SP 800-53 (Rev. 4 and/or Rev. 5) SSP development and ownership POA&M management and continuous monitoring
Experience working with 3PAOs, auditors, and government customers.
Strong analytical and organizational skills and a great attention to detail.
Ability to work independently, as well and as part of a wider team, with minimal supervision.
A positive attitude with an eagerness to learn and develop professional knowledge.

Nice To Haves

Security certification such as CISA, CISM, CISSP, CRISC, GIAC or similar.
Experience working with SaaS providers is highly desirable.

Responsibilities

Supporting the review, design and implementation of information security and compliance standards (ISO 27K, ISO 22301, SOC2 Type 2, CSA STAR, FedRAMP) and tracking their implementation across the business.
Authoring and updating FedRAMP documentation, including: System Security Plan (SSP) Control implementation narratives Policies and procedures POA&Ms and Continuous Monitoring deliverables
Coordinating monthly, quarterly, and annual continuous monitoring activities, including vulnerability management tracking, evidence collection, and reporting.
Partnering with cross functional teams to validate technical and non-technical control implementations.
Supporting 3PAO assessments, audit activities, and government stakeholder reviews by preparing evidence, responding to requests, and addressing findings.
Tracking control gaps and remediation activities.
Monitoring FedRAMP PMO guidance, NIST updates and regulatory changes for impact to the environment.
Defining and reporting against security KPIs, including creating dashboards and reports.
Working closely with the security leadership team to support security initiatives as required.

Benefits

Join a rapidly evolving, industry-leading SaaS company on an exciting journey of growth and scalability!
Take on meaningful, high-impact challenges by leveraging cutting-edge technologies and best-in-class protocols to drive innovation.
Own my career path with our internal development framework. Ask us more about this!
Expand my skill set and earn certifications with unlimited access to LinkedIn Learning courses and interactive Microsoft courses & training.
Be part of a supportive and experienced team within a dynamic, inclusive, and encouraging culture.
Enjoy flexible work hours that empower me to balance personal time with professional commitments.
Collaborate in a modern, open-plan workspace featuring a gaming area, free snacks and drinks, and regular social events.
Creating an inclusive environment where I can help shape the culture not just by fitting in, but by adding to it.
Providing a market competitive salary that is applied through a consistent process, equitable for all our employees, and regularly reviewed based on industry data.
Rewarding me with an annual performance-based bonus.
Offering comprehensive Health/Vision/Dental/Life Insurance, and a 401k Retirement Savings Plan with a company match up to 4%.
Granting enhanced leave for expecting parents; 20 weeks 100% paid for primary leave, and 10 weeks 100% paid for secondary leave.
Providing me with a flexible time off policy to take the time off that I need. Be it for vacation, volunteering, celebrating holidays, spending time with family, or simply taking time to recharge and reset.
Having multiple company wellness days each year to prioritize mental health and well-being.
Providing access to RethinkCare, a global behavioral health platform that enhances personal well-being, strengthens professional resilience, and empowers parental success through expert-led training and resources.