Information Security Associate

About The Position

Requirements

• Foundational knowledge of information security and compliance concepts
• Experience editing or maintaining policies, procedures, or compliance documentation
• Exposure to audits, risk assessments, or security questionnaires
• General technical understanding of IT systems, endpoints, and networks
• Familiarity with endpoint or device management tools (e.g., CrowdStrike, MDM)
• Strong organizational skills and attention to detail
• Clear written and verbal communication skills
• Ability to work cross-functionally and follow established processes

Nice To Haves

• Exposure to frameworks such as SOC 2, ISO 27001, GDPR, NIST CSF
• Familiarity with GRC or compliance automation tools
• Entry-level security or compliance certifications

Responsibilities

• Support the company’s security and compliance program under the direction of the Director of Security
• Maintain and update security, privacy, and compliance policies and documentation
• Assist with customer and vendor security questionnaires, including evidence collection
• Support internal and external audits by organizing evidence, tracking requests, and coordinating with internal teams
• Help manage and operate compliance and security tools (e.g., GRC platforms, monitoring tools)
• Track changes to security and regulatory requirements and flag potential impacts
• Partner with IT and Security teams to support systems for network, endpoint, and user controls (e.g., EDR, MDM)
• Respond to security and compliance inquiries from internal and external stakeholders

Benefits

• Work remotely within a flexible work environment (our team spans the US and Canada)
• Competitive company-paid benefits plan
• Generous professional development budget
• Half-day Fridays in the summer + weekly meeting free time blocks