The IT Security Analyst will enhance security posture by collaborating on SOC 2 compliance, managing security evaluations, and implementing security best practices.
The Role:
Wpromote seeks a highly motivated IT Security Analyst to enhance our security posture. This role will collaborate with our security vendors to achieve SOC 2 compliance and advance our CIS CSC controls. Working alongside our IT Operations and Infrastructure team, you will develop scalable security and data protection processes. This position will play a key role in all security evaluations conducted by potential and existing clients. The ideal candidate possesses experience in SOC 2 audits, application security best practices, penetration test remediations, and security program assessments. A background in security auditing and documentation based on security standards is highly desirable.
At Wpromote, we believe that great work is only possible with great people. Our goal is to build a better, more inclusive work environment and support our people at every stage of their careers by prioritizing a strong work-life balance through our policies and benefits listed below. As a Best Place to Work according to both Ad Age and Glassdoor and Adweek’s Fastest Growing Digital Agency, we are moving fast to expand our teams and bring new experts into the fold to keep pushing the boundaries of what’s possible in marketing.
We offer:
-Remote-first culture
-Unlimited PTO
-Extended Holiday break (Winter)
-Flexible schedules
-Work from anywhere options*
-100% paid parental leave
-401(k) matching
-Medical, Dental, Vision, Life, Pet Insurance
-Sponsored life insurance
-Short Term Disability insurance and additional voluntary insurance
-Annual Class Pass credits and more!
The anticipated annual salary for this role will range from $85,000 - $110,000, based on consideration of a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, education and certifications, competitive benchmarks, scope of responsibility, market dynamics, geographic location, and respective state’s salary threshold for exempt employees. At Wpromote, pay ranges are subject to change and are based on specific market medians for similar jobs according to third-party salary benchmark surveys. Individual pay within that range can vary due to skills, experience, and available budget. The total compensation package for this role will include benefits (listed above).
*This position may be performed remotely in most states within the US, with some exclusions
**While this role offers the flexibility to work remotely, we have office hubs in Los Angeles, Chicago, and New York, where you can join in on learning and development opportunities, fun events, take advantage of a space to work, and collaborate in person!
***This position is not eligible for immigration sponsorship
Important Notice: Beware of Job Scams
Wpromote recruiting communications will only be sent through our official channels via wpromote.com email addresses. If you see a posting elsewhere that is not reflected on Wpromote.com/careers, it may be a fraudulent posting. We do not require payment or fees during the hiring process nor do we request sensitive information, such as Social Security numbers or payment details. Please safeguard yourself against possible scams and contact us if you encounter any suspicious activity.
#LI-SD
#LI-Remote
You Will Be
- Collaborate with security consulting vendors on SOC 2 compliance, penetration tests, and CIS CSC controls.
- Optimize SOC2 engagements through the automation of audit controls using SaaS platforms.
- Manage security evaluations from potential and current clients.
- Audit and update processes and policies to ensure compliance with security requirements.
- Propose and implement security best practices, processes, and policies for the company.
- Provide guidance and implement application security standards for internal development.
- Manage our vulnerability management solution and security awareness training platform.
- Implement solutions to prevent data loss, breaches, and service interruptions.
- Evaluate data privacy and security regulation updates to determine necessary organizational changes.
You Must Have
- 3-4 years of experience in cybersecurity and data privacy.
- Experience working with security vendors on SOC 2 audits and penetration test remediation.
- Experience auditing processes and policies for alignment with CIS CSC controls and SOC 2 compliance.
- Experience with GCP Command Center.
- Experience securing Google Workspace.
- Knowledge of OWASP and application security best practices.
- Experience remediating vulnerabilities through a vulnerability management system (e.g., Rapid7).
- Strong understanding of Mac operating system security.
- Bachelor's degree in computer science or a related discipline, or equivalent relevant experience.
- Excellent written and verbal communication skills.
- Ability to work independently and collaboratively.
- Security certifications, such as CISSP, are highly preferred.
Wpromote is committed to bringing together individuals from different backgrounds and perspectives, providing employees with a safe and welcoming environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together. As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace.
Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Wpromote.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9. For more information on E Verify, or if you believe that your employer has violated its E-Verify responsibilities, please contact DHS.
Top Skills
Cis Csc Controls
Gcp Command Center
Google Workspace
Owasp
Rapid7
Soc 2 Compliance
Vulnerability Management System
Similar Jobs
Artificial Intelligence • Healthtech • Analytics • Biotech
The IT Connectivity Leader will serve as a liaison between product and commercial teams, ensuring effective IT connectivity and image management for Point of Care and Handheld Ultrasound. Responsibilities include providing technical expertise, training teams, validating connectivity for systems, and engaging with customers to solve complex issues.
Cloud • Security • Cybersecurity
The Senior Consultant leads application security engagements, performs penetration testing, contextualizes vulnerabilities, mentors teammates, and supports clients in improving security posture.
Top Skills:
APIsApplication Penetration TestingCloud TestingMobile Application TestingProgramming LanguagesSecurity PrinciplesWeb Application Testing
Cybersecurity
The Solutions Architect will lead technical aspects of product deployments, provide customer support, and collaborate across teams on security solutions.
Top Skills:
Active DirectoryAWSAzureAzure AdGCPKubernetesLinux
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
