Veracode: Sr. IT Risk/Compliance Analyst
65 Network Drive
Burlington, MA 01803

Video

Our Mission – Securing the software that powers your world.  At Veracode, we are focused on that mission every day.  Veracode is recognized as a premier provider of SaaS-based application security solutions, transforming the way companies secure applications in today’s software driven world.  We provide our customers with a solid foundation on which to build security into their modern agile development processes.

Veracode is seeking a highly-motivated, detail-oriented individual to join our Risk & Compliance Team. In this role, you will have the opportunity to help make our infrastructure, products, and customers more secure.

The role of Senior IT Risk/Compliance Analyst will include the following responsibilities:

  • Supports Service Organization Control (SOC 2/3) and internal audit requirements and activities by assisting in the planning and execution of assessments to minimize disruption on business processes and operational systems
  • Supports efforts to gather documentation and supporting evidence and facilitates external and internal audit requests
  • Assists with ongoing evaluation and implementation of proper controls to align with GDPR, Privacy Shield, PCI, NIST 800.53 and other relevant Privacy regulations
  • Assist with customer audits in collaboration with Sales/Services teams and supports maintenance of a database to facilitate timely responses.
  • Assists with security/compliance evaluations of Veracode vendors.
  • Assist with drafting of Information Systems policies and procedures and related documentation.

Required Skills/Experience:

  • BS or MS in Computer Science, Engineering, or Information Security
  • 5 or more years of progressive Information Security/ IT Audit work experience
  • Knowledge of risk assessment design and delivery
  • Familiarity with some relevant security frameworks such as FedRAMP, ISO 27001, GDPR, PCI, etc.
  • Proven experience building productive relationships with Technical Operations, Security Operations, Incident Response, Technical Compliance and other stakeholders
  • Ability to prioritize and multitask. Flexibility and adaptability in work approach.
  • Strong written and verbal communication skills.

Desired Skills/Experience:

  • Professional security management certification: CISSP or CISA preferred
  • Knowledge of / experience working with Cloud technologies/environments is a plus

The Veracode Way:

We Have a Passion and Commitment for Security

We consider security in everything we do. We act to preserve the trust our customers place in us.

We Help Our Customers Change the World

We deliver peace of mind to our customers so they can focus on the pursuit of their missions.

We Have Big Goals and Expect Big Outcomes

We are results driven. We take risks, compete boldly, and deliver valuable outcomes to our customers.  

We Are Committed to Making Progress Together

We collaborate with each other, our user communities, our industry and together lead the world forward.

We Value Each Other

We value diversity. We have empathy for each other and assume positive intent.

We Are Proud to be Veracode

We have fun together. We honor who we are and work hard to achieve our potential.

You Change the World, We’ll Secure It!

Veracode is an equal opportunity employer and we celebrate diversity with a commitment to creating an inclusive environment.  All applicants will be considered for employment without attention to race, religion, age, sex, gender identity, sexual orientation, national origin, veteran or disability status.

Full-time