Security & Compliance Analyst

Job Title: Security & Compliance Analyst Location: Remote (US-only) About InMarket Since 2010, InMarket has been the leader in 360-degree consumer intelligence and real-time activation for thousands of today's top brands. Through InMarket's data-driven marketing platform, brands can build targeted audiences, activate media in real time, and measure success in driving return on ad spend. InMarket's proprietary Moments offering outperforms traditional mobile advertising by 6x.* Our LCI attribution platform, which won the MarTech Breakthrough Award for Best Advertising Measurement Platform, was validated by Forrester to drive an average of $40 ROAS for our clients. • Source: Wordstream US Google Display Benchmarks for Mobile Media About the Role This role is centered on protecting InMarket's data and customers by ensuring enterprise-wide security and compliance. You will be an outcomes-focused specialist responsible for managing and executing the company's core security compliance programs, primarily SOC 2 and ISO 27001. The core function is to maintain a continuous state of audit-readiness, proactively manage evidence, lead the technical response to all customer security questionnaires, and drive security policy in partnership with the Legal department. You will secure critical cloud infrastructure and engineer lasting solutions. Your Daily Impact as a Security & Compliance Analyst • You are the lead owner and primary executor for maintaining the company's security compliance programs, with a heavy focus on SOC 2 and ISO 27001. • Your mission is to proactively manage evidence collection, ensure continuous control adherence, lead the technical response to all customer security questionnaires, and drive key security and policy initiatives in close partnership with the Legal department. • Success is measured by the clarity and quality of compliance documentation, a continuous state of audit-readiness, and effective cross-functional collaboration. • Audit-Readiness: Maintain a system of record for all required compliance evidence, ensuring documentation is accurate, complete, and immediately auditable. • Evidence Collection: Proactively collect, validate, and organize all necessary artifacts and data to satisfy control requirements for formal SOC 2 and ISO 27001 audits. • Control Monitoring: Review and validate the operational effectiveness of security controls across cloud, endpoint, and identity platforms. • Questionnaire Leadership: Lead the end-to-end process for responding to all customer-facing security questionnaires, ensuring technical accuracy and consistent messaging. • Artifact Management: Maintain and continually update a secure, up-to-date library of security policies, audit reports, and compliance certifications for customer requests. • Policy Alignment: Work closely with the Legal department to draft, review, and update internal security policies and standards to ensure they comply with SOC 2, ISO 27001, and other regulatory requirements. • Risk Consultation: Act as the technical security expert for Legal department initiatives related to data privacy, contractual security requirements, and vendor due diligence. Your Experience and Expertise • 3-5 years of experience in a security, compliance, or audit-focused role. • Demonstrable experience leading or significantly contributing to a SOC 2 Type II and/or ISO 27001 certification or audit cycle. • Proven ability to manage evidence collection and maintain a system of record for compliance artifacts. • Technical understanding of security controls across cloud environments (AWS, GCP, or Azure), endpoint protection, and identity and access management (IAM). • Strong organizational skills with a rigorous, detail-oriented approach to documentation and control validation. • Excellent written and verbal communication skills, with experience responding to customer security questionnaires. Nice-to-Haves • Relevant certifications • Familiarity with IT tracking and remediation systems (e.g., Jira, ServiceNow). • Experience partnering with Legal or external counsel on security policy drafting, risk consultation, or vendor due diligence. • Familiarity with other regulatory frameworks (e.g., GDPR, CCPA, HIPAA). • Prior experience in a fast-paced, remote-first technology or ad-tech company. Benefits Summary • Competitive salary, stock options, flexible vacation • Medical, Dental and Flexible Spending Account (FSA) • Company Matched 401(k) • Unlimited PTO (Within reason) • Talented co-workers and management • Agile Development Program (For continued learning/professional development) • Paid Paternity & Maternity Leave For candidates in California, Colorado, New York City, Illinois, Ohio, Minnesota, New Jersey, Vermont, Washington and Massachusetts, the Targeted Base Salary Range for this role is $112,500 to $125,000. This role is also eligible for an 8% bonus based on achievement of company goals. Actual salaries will vary depending on factors including but not limited to work experience, specialized skills and training, performance in role, business needs, and job requirements. Base salary is subject to change and may be modified in the future. Base salary is just one component of InMarket's total rewards package that also may include bonus, equity, and benefits. Ask your recruiter for more information! At InMarket, diversity is not just a value, it's the very essence of who we are. It's about recognizing and celebrating the unique perspectives each of us brings, from our colleagues to the communities we serve.We are committed to embracing the full spectrum of backgrounds, beliefs, abilities, and life experiences, knowing that this diversity strengthens us. At InMarket, our commitment to Diversity, Equity, and Inclusion means valuing each individual's unique contributions. Together, we thrive. InMarket is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability, or veteran status. Privacy Notice for California Job Applicants: #LI-Remote Remote About the Company: InMarket Apply tot his job