Senior Security and Compliance Analyst

About the Team SalesLoft’s infosec team comprises seasoned and up-and-coming infosec professionals who are all aligned on one vision and mission: Vision: Every seller is loved by the buyers they serve (#saleslove) Mission: Equip companies to maximize revenue by creating a fantastic buying experience. The security team consists of security professionals who maintain controls that protect the business in keeping with industry best practices and relevant regulations and frameworks. They are also the epitome of our core values - Customers First. Team Over Self. Focus on Results. Bias Towards Action. Glass Half Full. About the Role As a Senior Security and Compliance Analyst at SalesLoft, you will play a pivotal role in our company's success. Join our high-performing information security team and be the go-to expert for all customer-facing security and compliance matters.  Your primary focus will be to serve and build trust with Salesloft customers by addressing security, privacy, and compliance concerns as they arise This is a fully remote opportunity and can be worked from any location in Mexico. Candidates must be based in Mexico and be able to travel to the office in Jalisco as needed. Responsibilities

Maintain and evolve policies that hold employees accountable to security and privacy best practices, while remaining practical and aligned with Salesloft’s systems and control environment

Conduct third party risk management activities that evaluate the security posture and controls of third party providers, including the implementation and ongoing use of third-party systems

Conduct security, privacy and compliance reviews as part of the software development lifecycle for the Salesloft platform

Work with business stakeholders to ensure security and privacy requirements are adequately considered as part of the development and delivery methodology

Liaise with third party auditors and internal control owners to ensure the successful completion of attestation and compliance engagements

Support the automation of cybersecurity risk management programs and reporting capabilities to measure and demonstrate control operational effectiveness

Work with various departmental control owners to identify, assess, and treat security and privacy risks

Respond to customer security and compliance inquiries, including customer security and privacy questionnaires, compliance attestations, and discussions on product functionality and its impact on customer environments

Maintenance of the public facing Salesloft trust portal

Participate in meetings with customer security, privacy, legal, and IT teams to address detailed security and compliance questions related to the Salesloft platform and security program

Create and maintain customer-facing materials that streamline the security evaluation process and proactively address common customer concerns

Ensure Salesloft’s security awareness training program communicates relevant content that results in meaningful learning across the employee base

Support the responsible adoption of AI by enabling GRC automation and partnering with business teams on AI-driven initiatives, while establishing and maintaining appropriate AI governance, risk controls, and compliance guardrails

Qualifications

5+ years of experience auditing and/or maintaining information security controls

Experience engaging directly with customers as a security subject matter expert

Working knowledge of ISO 27001, SOC 2 Trust Services Principles, GDPR and other common security standards

Experience with "defense-in-depth" principles and technology 

Strong attention to detail and commitment to quality

Self-driven, autonomous and can contribute to the strategy and roadmap of the team

Advanced documentation, prioritization and change management skills

CISA or similar certification