Who We are

Electric is on a mission to simplify IT for small businesses everywhere. In the US alone, 99% of companies are small businesses, and we have a huge opportunity to impact how they run by providing a solution that makes managing IT easy (even if you’re not an IT expert)! We do that for almost 1,000 small businesses and over 55,000 users with IT Management Software that makes technical things like device management, application provisioning, cybersecurity policies, employee onboarding, and compliance reporting easy to manage and improve.

Our employees are our most valuable asset. We have a people-first culture that prioritizes inclusion, support, growth, and development. You're not just an employee here; you're an important part of our community and of our mission to simplify IT.

If you want to bring your skills to a highly collaborative team and are passionate about pairing the creative with the analytical, have a flair for testing and experimentation, embody grit, determination, and curiosity, and want to be part of bringing Electric to small businesses across the U.S., read on.

Overview 

Electric’s Information Security team is seeking an Information Security GCR Analyst to be an integral part of our growing InfoSec team managing the compliance program. Reporting to the Security Operations Manager, this role will focus on operating and improving our compliance processes and tools related to SOC 2, ISO 27001/27002, HIPAA, and PCI. This is a team-oriented position that has the opportunity to collaborate across various parts of the organization such as Internal IT, Product, Engineering, Facilities, HR, and Service Operations. The ideal candidate will have the ability to manage a complex and maturing compliance program, leveraging modern tools, technologies, and practices.

What you’ll do

• Develop, support, and enforce information security policies, standards, and guidelines for Electric’s systems and users
• Lead the update, review, and approval processes for the security policies/standards
• Define, formalize, and mature an information security compliance program focused on increasing the overall organizational security posture to ensure the protection of both Electric and customer data
• Support and respond to information security inquiries from other teams within Electric
• Manage SOC 2, PCI, HIPAA and ISO 27001/27002 compliance activities
• Lead Electric’s risk assessment processes
• Drive the ongoing development and maturity of the governance, risk, and compliance programs
• Track security deficiencies through the documentation of findings, monitor the follow-through of remediation work and ensure closure of issues
• Lead by example in a team that supports each other, makes others feel welcome, and succeeds (or fails) together

Who you are

• Minimum of 2-4 years experience in a GRC, audit or security role
• Strong knowledge of security, compliance, privacy, and risk management frameworks
• Must be organized, detail-oriented, deadline-driven, and able to handle multiple responsibilities in a fast-paced environment
• Experience managing SOX, SOC 2, ISO 27001/27002, HIPAA, or NIST audit and compliance activities
• Experience managing compliance within a software development-heavy or cloud-first organization 

Read about working at Electrichereand meet ourleadership team! 

We offer a range of benefits that include: 

• Flexible and generous PTO 
• Mental Wellness Days 
• Volunteer Days
• Medical, Vision, Dental, and Orthadontia Coverage
• 401k 
• ESOP (Employee Stock Option Program)
• Kindbody Membership for Family Planning
• Pre-taxed Commuter Benefits 
• Generous Parental Leave
• Paid medical, family, and military leave
• Short and Long Term Disability 
• Employee Assistance Programs 
• Life Insurance funded by Electric
• Training and career growth 
• Awesome team building events! 

Where?

We are headquartered in NYC, with an office in Denton, TX and remote locations across 24 states. Our largest markets outside of the Tri-State area and Dallas-Fort Worth area are San Diego, Denver, Raleigh. We embrace a hybrid culture and offer opportunities throughout the year for folks to get together in regional markets or at HQ.  With a widely distributed team, we are used to working remotely across different time zones. 

See below to see if you are eligible to work within the 24 states we hire in: Arizona, California, Colorado, Connecticut, Florida, Georgia, Maine, Maryland, Massachusetts, Michigan, Minnesota, Missouri, Nebraska, New Jersey, New York, North Carolina, Oklahoma, Oregon, Rhode Island, South Carolina, Tennessee, Texas, Virginia, Wisconsin. 

Standard Working Hours: local timezone, 9:00AM - 6:00PM

We are an equal opportunity employer. 

We are proud to foster a workplace free from discrimination. We strongly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users. 

We are committed to creating a diverse and inclusive work environment. Electric does not discriminate against candidates or employees because of their sex, race, gender identity, disability, age, sexual orientation, religion, national origin, veteran status or any other protected status under the law.

Accommodations

Electric is committed to providing access, equal opportunities, and reasonable accommodations for individuals with disabilities. To request a reasonable accommodation as part of the recruitment process, please contact: TA@electric.ai. 

About Invoca

Invoca is the industry leader and innovator in AI and machine learning-powered Conversation Intelligence. With over 400 employees, 2,000+ customers, and $100M in revenue, there are tremendous opportunities to continue growing the business. We are building a world-class SaaS company and have raised over $184M from leading venture capitalists including Upfront Ventures, Accel, Silver Lake Waterman, H.I.G. Growth Partners, and Salesforce Ventures.

About the Role

Do you have a background in security and compliance regulations such as PCI, CCPA, GDPR, SOC 2 and HIPAA? Are you experienced in responding to vulnerability assessments? Do you naturally spot opportunities for improvement and then turn that into action? We are seeking an Information Security Analyst 2 to join the Engineering team and work closely with other teams to safeguard Invoca and its employees, customers, and Intellectual Property.

Essential Functions

• You will maintain Information Security and Privacy policies to prevent internal or external attacks or attempts to infiltrate company systems
• You will craft and deliver creative ways to foster security awareness training throughout the organization
• You will work with department heads and executive team members to ensure company-wide compliance with PCI, SOC 2, ISO 27001, GDPR and other regulations
• You will support our Customer Success and Sales teams by reviewing and responding to our customers' security and privacy concerns and requirements
• You will lead Invoca through third party audits by collecting and organizing evidence and presenting to auditors
• You will monitor and institute remediation plans for vulnerability assessments and security audits, evaluating system security configurations to ensure efficacy and compliance with policies and procedures

Qualifications 

• 1 - 3 years experience dealing with one of the following security and compliance regulations like PCI, SOC 2, ISO or  HIPPA
• Excellent verbal and written communication skills and good interpersonal skills to work effectively across teams
• Experience with reading and understanding vulnerability assessments and developing remediation plans
• Some technical experience desired such as software development, system administration, etc.

Location: This position may be fully remote but we require candidates to be located in California, Colorado, Illinois, Texas and Georgia.

Salary, Benefits & Perks:

Teammates begin receiving benefits on the first day of the month following or coinciding with one month of employment. Offerings include:

• Paid Time Off -Invoca encourages a work-life balance for our employees. We have an outstanding PTO policy starting at 20 days off for all full-time employees. We also offer 15 paid holidays, 10 days of Compassionate Leave, days of volunteer time, and more.
• Healthcare -Invoca offers a healthcare program that includes medical, dental, and vision coverage. There are multiple plan options to choose from. You can make the best choice for yourself, your partner, and your family.
• Retirement - Invoca offers a 401(k) plan through Fidelity with a company match of up to 4%.
• Stock options - All employees are invited to ownership in Invoca through stock options.
• Employee Assistance Program -Invoca offers well-being support on issues ranging from personal matters to everyday-life topics through the WorkLifeMatters program.
• Paid Family Leave -Invoca offers up to 6 weeks of 100% paid leave for baby bonding, adoption, and caring for family members.
• Paid Medical Leave - Invoca offers up to 12 weeks of 100% paid leave for childbirth and medical needs.
• Sabbatical -We thank our long-term team members with an additional week of PTO and a bonus after 7 years of service.
• Wellness Subsidy - Invoca provides a wellness subsidy applicable to a gym membership, fitness classes, and more.
• Position Base Range -Salary Range / plus bonus potential
• Please note, per Invoca's Covid-19 policy, depending on your vaccine verification status, you may be required to work only from home / remotely. At this time, travel and in-person meetings will require verification. This policy is regularly reviewed and subject to change at any time.
• Position Base Range -$68,000.00 - $95,500.00,plus bonus potential

DEI Statement

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal-opportunity workplace.

#LI-Remote