[Remote] Sr Security Analyst - Risk and Compliance
Note: This is a remote job and is open to candidates in the USA.

Quickbase is on a mission to eliminate Gray Work, empowering organizations with their Dynamic Work Management platform. The Senior Security Analyst, Compliance & Risk will ensure security compliance, manage risk activities, and act as a liaison between Security and the Governance, Risk, and Compliance organization.

Responsibilities

- Serve as the Security team's primary point of contact for SOC 1, SOC 2, ISO 27001, HIPAA, and other compliance audits
- Partner with internal and external auditors to support evidence collection, walkthroughs, testing activities, and remediation efforts
- Ensure Security-owned controls are operating effectively and remain audit-ready throughout the year
- Coordinate remediation activities for audit findings, control deficiencies, and security gaps
- Maintain control documentation, evidence repositories, and audit artifacts
- Maintain and support the lifecycle of security policies, standards, procedures, and operational documentation
- Ensure security governance documentation remains aligned with business, regulatory, and compliance requirements
- Support policy reviews, approvals, and periodic updates
- Conduct security risk assessments for technologies, business initiatives, vendors, and emerging risks
- Maintain Security-owned risks within the enterprise risk management program
- Facilitate risk acceptance, exception management, and remediation tracking processes
- Develop security risk reporting and metrics for Security leadership
- Perform security reviews and risk assessments of vendors, SaaS providers, AI technologies, and strategic partners
- Partner with Procurement, Legal, Privacy, and business stakeholders during vendor onboarding and renewals
- Support M&A security due diligence and integration activities when required
- Support customer security assessments, due diligence requests, and security questionnaires
- Maintain customer-facing security documentation and trust artifacts
- Assist with Trust Center content and security assurance initiatives
- Partner with Sales and Customer Success teams to address customer security concerns
- Support security awareness initiatives, phishing simulations, and compliance training activities
- Measure program effectiveness and identify opportunities for improvement
- Promote a strong security culture across the organization
- Leverage GRC and security tooling to improve compliance visibility and operational efficiency
- Identify opportunities to automate evidence collection, control monitoring, reporting, and risk tracking
- Utilize AI-enabled capabilities to improve audit readiness, reporting quality, workflow efficiency, and continuous compliance activities
- Develop metrics and dashboards to support executive reporting and program maturity

Skills

- 5–9 years of experience in cybersecurity, security compliance, governance, risk management, audit, security assurance, or related security functions within SaaS, cloud-native, or technology organizations
- Hands-on experience supporting or leading SOC 2, SOC 1, ISO 27001, HIPAA, GDPR, NIST, or similar compliance and security frameworks
- Strong understanding of security controls, risk assessment methodologies, control testing, audit evidence management, and remediation tracking
- Experience partnering with internal and external auditors and managing audit readiness activities across multiple concurrent compliance programs
- Proven ability to drive security, compliance, and risk initiatives across cross-functional teams without direct authority
- Experience conducting security reviews of vendors, cloud services, AI solutions, and third-party providers
- Familiarity with GRC and compliance platforms such as Vanta, Drata, OneTrust, AuditBoard, or similar solutions
- Strong understanding of cloud security concepts and controls across AWS, Azure, and/or GCP environments
- Excellent analytical, organizational, written, and verbal communication skills, with the ability to communicate effectively with technical and non-technical stakeholders
- Experience supporting customer security assessments, security questionnaires, Trust Center activities, or enterprise sales security reviews
- Experience working in high-growth SaaS, private equity-backed, or regulated environments
- Professional certifications such as CISA, CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or equivalent
- Experience leveraging automation, AI-enabled workflows, or continuous control monitoring solutions to improve compliance and operational efficiency

Benefits

- Bonus/commission eligibility
- Access to a full benefits package including health insurance, 401k, paid time off, etc.

Company Overview

Quickbase helps organizations see, connect and control every element of complex projects. It was founded in 1999, and is headquartered in Boston, Massachusetts, USA, with a workforce of 501-1000 employees. Its website is http://quickbase.com.

Company H1B Sponsorship

Quickbase has a track record of offering H1B sponsorships, with 3 in 2026, 8 in 2025, 5 in 2024, 5 in 2023, 8 in 2022, 5 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.