SECURITY COMPLIANCE ANALYST

Sumo Logic, Inc.
Full-time
United States
$111,000 - $150,000
Posted 5 months ago

Job Description

Sumo Logic is seeking a Security and Compliance Analyst to support existing compliance initiatives and audits for its cloud-based SaaS company. The role involves designing and maintaining internal controls, performing security reviews, leading risk assessments, and collaborating with various teams to ensure compliance with frameworks like FedRAMP, SOC 2, HIPAA, PCI DSS, and ISO 27001.

Responsibilities

  • Design, develop, and maintain internal controls
  • Perform security reviews and identify gaps
  • Support tooling and automation for security and compliance
  • Lead third-party risk assessments and audits
  • Develop and maintain security and compliance documentation
  • Work with product and engineering teams to maintain compliance
  • Formulate processes and manage Risk Treatment and Remediation plans
  • Provide direction to management on compliance goals
  • Drive periodic reviews and updates of compliance items
  • Interface with external auditors
  • Participate in maintenance of security and compliance collateral

Requirements

  • Experience supporting compliance programs in a SaaS environment
  • Experience with 2 of: PCI DSS, SOC 2, HIPAA, ISO 27001, and FedRAMP
  • Strong communication skills
  • Detail-oriented and highly organized
  • Ability to take ownership of cross-functional projects
  • Knowledge of compliance frameworks (PCI DSS, ISO 27001, SOC 2, IRAP, NIST 800-53 / FedRAMP)
  • Ability to work across various teams
  • Must be located primarily in the US
  • Support analysis, classification, and response to cybersecurity risks
  • Support sales team with customer meetings

Benefits

  • No benefits