AddressAt Vanta, our mission is to secure the internet and protect consumer data. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it.
As a Security Analyst at Vanta, you will be responsible for helping us demonstrate how we protect customer data and Vanta—and continue to earn the trust of our customers. A primary responsibility will be supporting the building and maintenance of compliance frameworks. This will involve creating and maintaining detailed mappings of security controls and evidence artifacts. In addition, you will review and process ongoing feedback from key stakeholders such as customers and auditors in order to maintain and update the product. You will also research legal requirements, and translate them into security and privacy controls. Aside from supporting Vanta’s compliance frameworks, you will help manage responses to vendor security questionnaires, and partner on vendor security reviews. You’ll review security alerts and escalations from different teams, tools, and platforms, and help improve existing and launch new security and compliance processes, programs, and policies where needed. Lastly, you will help ensure Vanta’ns have the information they need by partnering to respond to internal security-related questions and requests.
You’ll join Vanta’s Security organization, which provides essential security operational services, is directly involved in the software development process, sets policies and standards regarding enterprise-wide security requirements, and offers advisory services to enable our business to thrive while effectively managing risk. If you’re someone who has high initiative and enjoys problem-solving while having impact at a high-growth company, we would love to hear from you!
What you’ll do as a Security Analyst at Vanta:
Partner with our Product team to build framework details and controls for global security & privacy frameworks and standards
Create detailed mappings between industry standard compliance frameworks like ISO 27001, SOC 2, HIPAA, and NIST 800-53
Research customer and auditor feedback about issues with control mappings and evidence
Translate legal requirements into security and privacy controls
Respond to vendor security questionnaires
Partner with Vanta’ns to respond to customer security questions
Review and respond to security escalations from different tools and platforms
Partner to help improve existing and launch new security and compliance processes, programs, and policies where needed
Partner to respond to internal security-related questions and requests from Vanta’ns
How to be successful in this role:
1-3 years of experience in an information security role
Excellent verbal and written communication skills, interpersonal, and teamwork skills
Strong attention to detail and a desire and excitement to work with controls, control frameworks, and mapping
Passion for large and complex spreadsheets is a plus
Prior demonstration of high initiative and problem-solving skills, especially in a fast-paced environment
Ability to accept and manage change
Desire and willingness to learn
Ability to work independently
Helpful, resourceful and willing to help various teams succeed
Interest or prior experience within compliance or data privacy preferred, but not required
Security certifications and/or formal education preferred, but not required
What you can expect as a Vantan:
Industry-Competitive Salary and Equity
100% covered Medical, Dental, and Vision Benefits with Dependents Coverage
16 Weeks Fully Paid Parental Leave for All New Parents (Moms, Dads, Adoptive, Foster)
Health & Wellness Stipend
Remote Workspace Stipend
401(k) Matching Plan
Flexible Work Hours and Location
Open & Encouraged PTO Policy
9 Company Paid Holidays
Free Memberships to Online Wellness Platforms (One Medical, Headspace, and more!)
Virtual Team Building Activities, Lunch and Learns, and other Company-Wide Events
Offices in SF and NYC with Hubs of Vantans forming across the US, including but not limited to, Seattle, Austin, Indianapolis, LA, Boston, and more!
To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar-stage growth companies. Final offer amounts are determined by multiple factors, including candidate location, skills, depth of work experience, and relevant licenses/credentials, and may vary from the amounts listed below. The base pay range for this position is $95,000 - $112,000. This role may also be eligible for commissions/bonus, equity, medical benefits, 401(k) plan, and other company perk programs.
At Vanta, we are committed to hiring diverse talent of different backgrounds and as such, it is important to us to provide an inclusive work environment for all. We do not discriminate on the basis of race, gender identity, age, religion, sexual orientation, veteran or disability status, or any other protected class. As an equal opportunity employer, we encourage and welcome people of all backgrounds to apply.
About Vanta
We started in 2018, in the wake of several high-profile data breaches. Online security was only becoming more important, but we knew firsthand how hard it could be for fast-growing companies to invest the time and manpower it takes to build a solid security foundation. Vanta was inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged.
Now more than ever, making security continuous—not just a point-in-time check— is essential. Thousands of companies rely on Vanta to build, maintain and demonstrate their trust— all in a way that's real-time and transparent.
#LI-remote
