Jobs · Information Technology · Massachusetts

Sr Security Analyst

Quickbase · Boston, MA · 1 wk ago
Information Technology$91k–$144k/yrFull-time

Position Summary

Reporting to the CISO, the Senior Security Analyst, Compliance & Risk serves as a key member of the Security team and acts as the primary liaison between Security and the broader Governance, Risk, and Compliance (GRC) organization. This role is responsible for ensuring Security-owned controls remain audit-ready, supporting enterprise compliance initiatives, managing security risk activities, conducting third-party security assessments, and helping drive a culture of continuous improvement across the security program.

Level & Scope

This Role Operates independently across multiple workstreams and compliance frameworks. Owns execution and continuous improvement of Security compliance and risk programs. Influences cross-functional stakeholders without direct authority. Balances operational execution with strategic program enhancement. Drives scalable, automation-enabled security assurance processes. Serves as a trusted advisor to Security leadership and business stakeholders.

Key Responsibilities

  • Security Compliance & Audit Readiness

    • Serve as the Security team's primary point of contact for SOC 1, SOC 2, ISO 27001, HIPAA, and other compliance audits.
    • Partner with internal and external auditors to support evidence collection, walkthroughs, testing activities, and remediation efforts.
    • Ensure Security-owned controls are operating effectively and remain audit-ready throughout the year.
    • Cook up and execute remediation activities for audit findings, control deficiencies, and security gaps.
    • Maintain control documentation, evidence repositories, and audit artifacts.
  • Security Governance

    • Maintain and support the lifecycle of security policies, standards, procedures, and operational documentation.
    • Ensure security governance documentation remains aligned with business, regulatory, and compliance requirements.
    • Support policy reviews, approvals, and periodic updates.
  • Security Risk Management

    • Conduct security risk assessments for technologies, business initiatives, vendors, and emerging risks.
    • Maintain Security-owned risks within the enterprise risk management program.
    • Facilitate risk acceptance, exception management, and remediation tracking processes.
    • Develop security risk reporting and metrics for Security leadership.
  • Third-Party Security Risk Management

    • Perform security reviews and risk assessments of vendors, SaaS providers, AI technologies, and strategic partners.
    • Partner with Procurement, Legal, Privacy, and business stakeholders during vendor onboarding and renewals.
    • Support M&A security due diligence and integration activities when required.
  • Customer Trust & Security Assurance

    • Support customer security assessments, due diligence requests, and security questionnaires.
    • Maintain customer-facing security documentation and trust artifacts.
    • Afford assistance with Trust Center content and security assurance initiatives.
    • Partner with Sales and Customer Success teams to address customer security concerns.
  • Security Awareness & Training

    • Support security awareness initiatives, phishing simulations, and compliance training activities.
    • Measure program effectiveness and identify opportunities for improvement.
    • Promote a strong security culture across the organization.
  • Security Operations Excellence, Automation & AI Enablement

    • Leverage GRC and security tooling to improve compliance visibility and operational efficiency.
    • Identify opportunities to automate evidence collection, control monitoring, reporting, and risk tracking.
    • Utilize AI-enabled capabilities to improve audit readiness, reporting quality, workflow efficiency, and continuous compliance activities.
    • Develop metrics and dashboards to support executive reporting and program maturity.

Qualifications

  • Experience

    • 5–9 years of experience in cybersecurity, security compliance, governance, risk management, audit, security assurance, or related security functions within SaaS, cloud-native, or technology organizations.
  • Hands-on Experience

    • Hands-on experience supporting or leading SOC 2, SOC 1, ISO 27001, HIPAA, GDPR, NIST, or similar compliance and security frameworks.
  • Knowledge

    • Strong understanding of security controls, risk assessment methodologies, control testing, audit evidence management, and remediation tracking.
  • Collaboration

    • Proven ability to drive security, compliance, and risk initiatives across cross-functional teams without direct authority.
  • Vendor Reviews

    • Experience conducting security reviews of vendors, cloud services, AI solutions, and third-party providers.
  • Tools

    • Familiarity with GRC and compliance platforms such as Vanta, Drata, OneTrust, AuditBoard, or similar solutions.
  • Cloud Knowledge

    • Strong understanding of cloud security concepts and controls across AWS, Azure, and/or GCP environments.
  • Communication

    • Excellent analytical, organizational, written, and verbal communication skills, with the ability to communicate effectively with technical and non-technical stakeholders.
  • Customer Support

    • Experience supporting customer security assessments, security questionnaires, Trust Center activities, or enterprise sales security reviews is preferred.
  • Industry Experience

    • Experience working in high-growth SaaS, private equity-backed, or regulated environments is highly desirable.
  • Certifications

    • Professional certifications such as CISA, CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.
  • Automation & AI

    • Experience leveraging automation, AI-enabled workflows, or continuous control monitoring solutions to improve compliance and operational efficiency is a plus.

What Success Looks Like

Within the first year, the successful candidate will:

  • Consistently maintain Security audit readiness across multiple compliance frameworks.

  • Reduce audit preparation effort through process improvements and automation.

  • Improve visibility and management of Security-owned risks.

  • Strengthen vendor security review and customer assurance processes.

  • Establish meaningful security metrics and reporting for leadership.

  • Become a trusted partner to Engineering, Product, IT, Legal, Privacy, and business stakeholders.

  • Help advance Quickbase's culture of trust, security, and operational excellence.

How We Think About AI

At Quickbase, we view AI as a tool to accelerate how work gets done — not replace it. We encourage thoughtful use of AI to improve speed, quality, and decision-making, while maintaining strong judgment, accountability, and data integrity.

Pay Range

$91,465.85 - $143,732.05

Compensation & Benefits

  • Compensation

    • Incentive Compensation: This role is eligible to participate in our annual incentive plan. Incentives are earned based on employee performance against defined metrics and company goals.
  • Benefits

    • Full-time roles are eligible for our comprehensive benefits program which includes medical, dental and vision coverage.
    • You may also contribute to our 401(k) plan that includes a company match.

Equal Opportunity Statement

Quickbase is committed to building a diverse and inclusive workplace. We encourage candidates from all backgrounds to apply – even if you don’t meet every qualification listed. We are proud to be an equal opportunity employer.

Similar jobs

Sr. Security Analyst

Motion RecruitmentAtlanta, GA· 4 days ago
$42.1–$47.1/hrapply on motionrecruitment.com

Sr. Security Analyst

NLB ServicesAtlanta, GA· 6 days ago
Information Technologyapply on www2.jobdiva.com

Sr. Security Analyst

Horizontal TalentAtlanta, GA· 1 wk ago
Information Technologyapply on horizontaltalent.com

Sr. Security Analyst

LippertUnited States· 1 wk ago
RemoteInformation Technologyapply on careers.lippert.com

Sr Info Security Analyst

Alutiiq, LLCBoulder, CO· 1 mo ago
Information Technology$185k–$210k/yrapply on alutiiq.hua.hrsmart.com