About Invoca:

Invoca is the industry leader and innovator in AI and machine learning-powered Conversation Intelligence. With over 300 employees, 2,000+ customers, and $100M in revenue, there are tremendous opportunities to continue growing the business. We are building a world-class SaaS company and have raised over $184M from leading venture capitalists including Upfront Ventures, Accel, Silver Lake Waterman, H.I.G. Growth Partners, and Salesforce Ventures.

About the Team:

You’ll join a team where everyone, including you, is striving to constantly improve their knowledge of tools, practices, and processes. We are an incredibly supportive team. We swarm when problems arise and give great feedback to help each other grow. Working on our close-knit, cross-functional teams is a great chance to grow your knowledge of different domains from databases to front ends to telephony and everything in between.

We are passionate about many things: continuous improvement, working at a brisk but sustainable pace, writing resilient code, maintaining production reliability, paying down technical debt, hiring fantastic teammates; and we love to share these passions with each other.

Learn more about the Invoca development team on our blog and check out our open source projects.

About the Role:

Invoca offers an unusually valuable engineering experience. You will be part of a team of world-class Engineers scaling our Information Security program with our rapidly growing company and SaaS application. You’ll find new and creative ways to secure our platform and people. Our remote-first team is committed to upholding high standards via modern methodologies of agile software development, test-driven development, and DevOps.

This role is open to U.S.-based candidates only. At this time, we are unable to provide visa sponsorship for this position.

You Will:

Drive organizational compliance

• Develop and execute a comprehensive global compliance strategy aligned with the organization’s business objectives and values
• Drive compliance with various global regulations, including but not limited to, PCI 4, SOC 2, GDPR, ISO 27001, CCPA, HIPAA
• Partner with cross-functional teams including, but not limited to, Engineering, HR, Legal, Sales, CSM’s and stakeholders across the organization to ensure consistent and concise communications 
• Lead regular audits to ensure the compliance program is functioning appropriately and remediate gaps as appropriate to further mitigate compliance related risks.
• Maintain Information Security and Privacy policies to prevent internal or external attacks or attempts to infiltrate company systems
• Develop solutions to operationalize the maintenance of Invoca’s Compliance Program

Project Management

• Lead and manage key security and compliance-related projects, ensuring milestones are met and resources are allocated effectively.
• Collaborate with cross-functional teams to ensure successful execution of Governence, Risk and Compliance initiatives and projects, from conception to implementation.
• Monitor project timelines, deliverables, and stakeholder expectations, providing regular status updates to leadership and making adjustments as needed.

Create confident customers 

• You will support our Customer Success and Sales teams by reviewing and responding to our customers' security and privacy concerns and requirements
• Develop solutions and processes for sales enablement related to Invoca’s Security and compliance program

Educate organization on compliance

• Keep stakeholders up to date on new regulations and compliance changes in advance to upcoming third party audits
• You will work closely with the entire organization to help manage and train other teams on our GRC program

Team Enablement

• Provide roadmap guidance for the long term direction of the team and compliance practices
• Provide mentorship for Junior members of the team

You Have:

• 3- 5 years of experience as an Information Security Analyst
• Knowledge and experience dealing with security and compliance regulations like PCI 4, SOC2, SOX, GDPR, ISO 27001, HIPAA and others
• Excellent verbal and written communication skills and good interpersonal skills to work effectively across teams
• Experience with reading and understanding compliance requirements and regulations and the ability to explain them to other teams and team members
• Proven experience managing security or compliance projects, ensuring delivery within scope and on time.
• Ability to manage project resources, timelines, and stakeholder expectations, ensuring alignment with organizational goals.

Salary, Benefits & Perks:

Teammates begin receiving benefits on the first day of the month following or coinciding with one month of employment. Offerings include:

• Paid Time Off -Invoca encourages a work-life balance for our employees. We have an outstanding PTO policy starting at 20 days off for all full-time employees. We also offer 16 paid holidays, 10 days of Compassionate Leave, days of volunteer time, and more.
• Healthcare -Invoca offers a healthcare program that includes medical, dental, and vision coverage. There are multiple plan options to choose from. You can make the best choice for yourself, your partner, and your family.
• Retirement - Invoca offers a 401(k) plan through Fidelity with a company match of up to 4%.
• Stock options - All employees are invited to ownership in Invoca through stock options.
• Employee Assistance Program -Invoca offers well-being support on issues ranging from personal matters to everyday-life topics through the WorkLifeMatters program.
• Paid Family Leave -Invoca offers up to 6 weeks of 100% paid leave for baby bonding, adoption, and caring for family members.
• Paid Medical Leave - Invoca offers up to 12 weeks of 100% paid leave for childbirth and medical needs.
• Sabbatical -We thank our long-term team members with an additional week of PTO and a bonus after 7 years of service.
• Wellness Subsidy - Invoca provides a wellness subsidy applicable to a gym membership, fitness classes, and more.
• Position Base Range -$85,500 - 110,000Salary Range / plus bonus potential

DEI Statement

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.

#LI-Remote

Why you'll love this role

The IAM Specialist is responsible for the design, implementation, and maintenance of the organization's Identity and Access Management (IAM) systems and processes. This role plays a crucial part in ensuring that the right individuals have appropriate access to resources, while protecting sensitive data and systems from unauthorized access.

What you’ll do:

• Authentication and Authorization:
• Implement and maintain authentication mechanisms (e.g., multi-factor authentication, password policies).
• Configure and manage access control policies and rules.
• Monitor authentication logs for suspicious activity.
• Identity Governance:
• Assist in developing and enforcing IAM policies and procedures.
• Conduct regular access reviews and certifications.
• Ensure compliance with relevant regulations and standards (e.g., GDPR).
• Privileged Access Management (PAM):
• Use PAM solutions to monitor and control privileged access.
• Audit privileged activity and sessions.
• User Provisioning and Deprovisioning:
• Work with IT on automation of user provisioning and deprovisioning processes.
• Knowledge of onboarding and offboarding processes
• Single Sign-On (SSO):
• Knowledge of SSO solutions for seamless user access to multiple applications.
• Documentation and Training:
• Develop and maintain documentation for IAM processes and procedures.
• Provide training to end-users and other stakeholders on IAM policies and best practices.
• Security Monitoring and Incident Response:
• Monitor IAM systems for security events and incidents.
• Assist in investigating and responding to security breaches related to identity and access.

About you:

• Education: Bachelor's degree in Computer Science, Information Security, or a related field.
• Experience: 2-3 years of experience in IAM or a related field.
• Certifications: CISSP, CISM, or other relevant security certifications are a plus.
• Skills:
  • Strong understanding of IAM principles and technologies.
  • Strong understanding of Cloud Services & IAM controls
  • Strong understanding of IAM concepts, such as roles, policies, groups, and federation. Proficiency in AWS IAM services and features. Familiarity with scripting languages (e.g., Python, Bash).
  • Experience with common IAM solutions (e.g., Active Directory, Okta, Azure AD, AWS).
  • Proficiency in scripting or programming languages (e.g., PowerShell, Python) for automation.
  • Knowledge of security protocols (e.g., SAML, OAuth, OpenID Connect).
  • Understanding of relevant regulations and standards (e.g., GDPR, HIPAA).
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.

Additional Skills (Preferred):

• Experience with other cloud platforms (e.g., Azure, GCP).
• Knowledge of infrastructure as code (IaC) tools (e.g., Terraform, CloudFormation).
• Experience with security information and event management (SIEM) systems.

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the various pay transparency laws/acts, the base salary range is $100,000 to $120,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.