Information Security Analyst Remote Jobs

4 Results

1d

Information Security Analyst

Employment Hero,Western Australia,Australia, Remote
3 years of experienceremote-firstDesign

Employment Hero is hiring a Remote Information Security Analyst

Our mission and where you fit in

At Employment Hero, we’re an ambitious bunch on a mission to make employment easier and more valuable for everyone. 

Since our inception in 2014 we've had some pretty impressive growth (100% YoY), now serving 300,000 businesses globally, with 2 million+ users on the platform, reaching unicorn status in 2022 - and we have no plans to slow down. 

There’s never been a more exciting time to join one of the fastest-growing SaaS unicorns, so let’s see if we could be a match!

What your days might look like

The Information Security Analyst plays a key role in protecting sensitive data and ensuring the security of Employment Hero’s systems. This position is responsible for monitoring security events, conducting threat assessments, ensuring compliance with industry standards, and contributing to the overall security strategy. The analyst will support incident response, implement security solutions, and collaborate with teams to improve security practices.

As our Information Security Analyst, you will:

  • Monitor and analyse security events using SIEM tools, addressing incidents promptly to mitigate risks, protect data, and maintain business continuity.
  • Perform regular vulnerability scans, provide threat assessments, and develop remediation strategies to address security risks.
  • Support security incident management through root cause analysis, documentation, and recommending remediation actions.
  • Conduct cloud security reviews, ensuring alignment with security-by-design principles and mitigating risks in the cloud environment.
  • Develop and maintain documentation for security procedures, fostering collaboration to share knowledge across the organisation.
  • Review dark web mentions, data leak detections and compromised credential alerts to analyse develop and implement strategies to protect Employment Hero.

What you will bring

  • Experience with security tools such as Endpoint Protection, SASE, GRC, MDM (Mac and PC), Email Gateway, IDP, WAF, and Phishing Training.
  • Knowledge of ISO 27001, 27017, and 27018 frameworks, contributing to policy and procedure development.
  • Hands-on experience with incident response, investigations, disaster recovery (DR), and business continuity planning (BCP).
  • Strong technical background with the ability to assess and implement security solutions that align with business goals.
  • At least 3 years of experience in a similar role.
  • A proactive mindset with a focus on continuous learning, staying current with cybersecurity trends to enhance Employment Hero’s security posture.
  • Self-starting with ownership and accountability, taking initiative and driving projects to completion.
  • Strong collaboration and communication skills, confidently challenging ideas and engaging with stakeholders.
  • Innovative and proactive in developing new ideas to improve the security framework.
  • Industry certifications such as CISSP, CISM, or CISA are highly desirable.

Experience is important, but for us the biggest measure of success is people who can live and breathe The EH Way of working. Show us what you can bring to the table, and we’ll empower you to let your talents shine.

The EH Way

The EH Way is how we describe our culture at Employment Hero and how we all operate. It is our DNA. You can read all about it on our careers page: https://employmenthero.com/careers/ 

In short, you’ll love working with us if:

  • Revolutionising employment gets your heart racing.
  • You thrive on the flexibility (and responsibility) of a remote-first business.
  • Our values align, and shape how you show up every day.
  • You love the dynamic pace of a startup, are driven by innovation, and enjoy working with other smart people.

Plus, you’ll get to enjoy a number of great perks, including: 

  • A generous budget for your home office.
  • Cutting-edge tools and technology.
  • Reward and recognition programs - because great work should be recognised and rewarded.
  • Cashback offers and discounts on popular brands through our Swag app.
  • Employee Share Option Program: be an owner of Employment Hero.
  • Annual Global Gathering - so far we’ve been to Thailand, Vietnam, Bali and are excited to meet in Dubai in September 2025.

Are we a match? 

Think we're the right match for you? Fantastic! Click 'Apply' and our talent team will reach out with the next steps.

At Employment Hero, we are committed to safeguarding the privacy of your application data. To understand how we do so, you can read our Applicant Privacy Policy here: https://employmenthero.com/legals/applicant-policy/

Employment Hero celebrates diverse perspectives and experiences, we invite people of all backgrounds and identities to apply for this position.

See more jobs at Employment Hero

Apply for this job

+30d

Senior Information Security Analyst II

InvocaRemote
Salesagile5 years of experienceremote-firstsalesforce

Invoca is hiring a Remote Senior Information Security Analyst II

About Invoca:

Invoca is the industry leader and innovator in AI and machine learning-powered Conversation Intelligence. With over 300 employees, 2,000+ customers, and $100M in revenue, there are tremendous opportunities to continue growing the business. We are building a world-class SaaS company and have raised over $184M from leading venture capitalists including Upfront Ventures, Accel, Silver Lake Waterman, H.I.G. Growth Partners, and Salesforce Ventures.

About the Team:

You’ll join a team where everyone, including you, is striving to constantly improve their knowledge of tools, practices, and processes. We are an incredibly supportive team. We swarm when problems arise and give great feedback to help each other grow. Working on our close-knit, cross-functional teams is a great chance to grow your knowledge of different domains from databases to front ends to telephony and everything in between.

We are passionate about many things: continuous improvement, working at a brisk but sustainable pace, writing resilient code, maintaining production reliability, paying down technical debt, hiring fantastic teammates; and we love to share these passions with each other.

Learn more about the Invoca development team on our blog and check out our open source projects.

About the Role:

Invoca offers an unusually valuable engineering experience. You will be part of a team of world-class Engineers scaling our Information Security program with our rapidly growing company and SaaS application. You’ll find new and creative ways to secure our platform and people. Our remote-first team is committed to upholding high standards via modern methodologies of agile software development, test-driven development, and DevOps.

This role is open to U.S.-based candidates only. At this time, we are unable to provide visa sponsorship for this position.

You Will:

Drive organizational compliance

  • Develop and execute a comprehensive global compliance strategy aligned with the organization’s business objectives and values
  • Drive compliance with various global regulations, including but not limited to, PCI 4, SOC 2, GDPR, ISO 27001, CCPA, HIPAA
  • Partner with cross-functional teams including, but not limited to, Engineering, HR, Legal, Sales, CSM’s and stakeholders across the organization to ensure consistent and concise communications 
  • Lead regular audits to ensure the compliance program is functioning appropriately and remediate gaps as appropriate to further mitigate compliance related risks.
  • Maintain Information Security and Privacy policies to prevent internal or external attacks or attempts to infiltrate company systems
  • Develop solutions to operationalize the maintenance of Invoca’s Compliance Program

Project Management

  • Lead and manage key security and compliance-related projects, ensuring milestones are met and resources are allocated effectively.
  • Collaborate with cross-functional teams to ensure successful execution of Governence, Risk and Compliance initiatives and projects, from conception to implementation.
  • Monitor project timelines, deliverables, and stakeholder expectations, providing regular status updates to leadership and making adjustments as needed.

Create confident customers 

  • You will support our Customer Success and Sales teams by reviewing and responding to our customers' security and privacy concerns and requirements
  • Develop solutions and processes for sales enablement related to Invoca’s Security and compliance program

Educate organization on compliance

  • Keep stakeholders up to date on new regulations and compliance changes in advance to upcoming third party audits
  • You will work closely with the entire organization to help manage and train other teams on our GRC program

Team Enablement

  • Provide roadmap guidance for the long term direction of the team and compliance practices
  • Provide mentorship for Junior members of the team

You Have:

  • 3- 5 years of experience as an Information Security Analyst
  • Knowledge and experience dealing with security and compliance regulations like PCI 4, SOC2, SOX, GDPR, ISO 27001, HIPAA and others
  • Excellent verbal and written communication skills and good interpersonal skills to work effectively across teams
  • Experience with reading and understanding compliance requirements and regulations and the ability to explain them to other teams and team members
  • Proven experience managing security or compliance projects, ensuring delivery within scope and on time.
  • Ability to manage project resources, timelines, and stakeholder expectations, ensuring alignment with organizational goals.

 

Salary, Benefits & Perks:

Teammates begin receiving benefits on the first day of the month following or coinciding with one month of employment. Offerings include:

  • Paid Time Off -Invoca encourages a work-life balance for our employees. We have an outstanding PTO policy starting at 20 days off for all full-time employees. We also offer 16 paid holidays, 10 days of Compassionate Leave, days of volunteer time, and more.
  • Healthcare -Invoca offers a healthcare program that includes medical, dental, and vision coverage. There are multiple plan options to choose from. You can make the best choice for yourself, your partner, and your family.
  • Retirement - Invoca offers a 401(k) plan through Fidelity with a company match of up to 4%.
  • Stock options - All employees are invited to ownership in Invoca through stock options.
  • Employee Assistance Program -Invoca offers well-being support on issues ranging from personal matters to everyday-life topics through the WorkLifeMatters program.
  • Paid Family Leave -Invoca offers up to 6 weeks of 100% paid leave for baby bonding, adoption, and caring for family members.
  • Paid Medical Leave - Invoca offers up to 12 weeks of 100% paid leave for childbirth and medical needs.
  • Sabbatical -We thank our long-term team members with an additional week of PTO and a bonus after 7 years of service.
  • Wellness Subsidy - Invoca provides a wellness subsidy applicable to a gym membership, fitness classes, and more.
  • Position Base Range -$85,500 - 110,000Salary Range / plus bonus potential

 

DEI Statement

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.

#LI-Remote

 

See more jobs at Invoca

Apply for this job

+30d

Senior Information Security Analyst

StockXRemote, USA
Bachelor's degree3 years of experienceterraformDesignazurepythonAWS

StockX is hiring a Remote Senior Information Security Analyst

Help empower our global customers to connect to culture through their passions.

Why you'll love this role

The IAM Specialist is responsible for the design, implementation, and maintenance of the organization's Identity and Access Management (IAM) systems and processes. This role plays a crucial part in ensuring that the right individuals have appropriate access to resources, while protecting sensitive data and systems from unauthorized access.

What you’ll do:

  • Authentication and Authorization:
    • Implement and maintain authentication mechanisms (e.g., multi-factor authentication, password policies).
    • Configure and manage access control policies and rules.
    • Monitor authentication logs for suspicious activity.
  • Identity Governance:
    • Assist in developing and enforcing IAM policies and procedures.
    • Conduct regular access reviews and certifications.
    • Ensure compliance with relevant regulations and standards (e.g., GDPR).
  • Privileged Access Management (PAM):
    • Use PAM solutions to monitor and control privileged access.
    • Audit privileged activity and sessions.
  • User Provisioning and Deprovisioning:
    • Work with IT on automation of user provisioning and deprovisioning processes.
    • Knowledge of onboarding and offboarding processes
  • Single Sign-On (SSO):
    • Knowledge of SSO solutions for seamless user access to multiple applications.
  • Documentation and Training:
    • Develop and maintain documentation for IAM processes and procedures.
    • Provide training to end-users and other stakeholders on IAM policies and best practices.
  • Security Monitoring and Incident Response:
    • Monitor IAM systems for security events and incidents.
    • Assist in investigating and responding to security breaches related to identity and access.

About you:

  • Education: Bachelor's degree in Computer Science, Information Security, or a related field.
  • Experience: 2-3 years of experience in IAM or a related field.
  • Certifications: CISSP, CISM, or other relevant security certifications are a plus.
  • Skills:
    • Strong understanding of IAM principles and technologies.
    • Strong understanding of Cloud Services & IAM controls
    • Strong understanding of IAM concepts, such as roles, policies, groups, and federation. Proficiency in AWS IAM services and features. Familiarity with scripting languages (e.g., Python, Bash).
    • Experience with common IAM solutions (e.g., Active Directory, Okta, Azure AD, AWS).
    • Proficiency in scripting or programming languages (e.g., PowerShell, Python) for automation.
    • Knowledge of security protocols (e.g., SAML, OAuth, OpenID Connect).
    • Understanding of relevant regulations and standards (e.g., GDPR, HIPAA).
    • Strong analytical and problem-solving skills.
    • Excellent communication and interpersonal skills.

Additional Skills (Preferred):

  • Experience with other cloud platforms (e.g., Azure, GCP).
  • Knowledge of infrastructure as code (IaC) tools (e.g., Terraform, CloudFormation).
  • Experience with security information and event management (SIEM) systems.

 

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the various pay transparency laws/acts, the base salary range is $100,000 to $120,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.

About Us

StockX is proud to be a Detroit-based technology leader focused on the large and growing online market for sneakers, apparel, accessories, electronics, collectibles, trading cards, and more. StockX's powerful platform connects buyers and sellers of high-demand consumer goods from around the world using dynamic pricing mechanics. This approach affords access and market visibility powered by real-time data that empowers buyers and sellers to determine and transact based on market value. The StockX platform features hundreds of brands across verticals including Jordan Brand, adidas, Nike, Supreme, BAPE, Off-White, Louis Vuitton, Gucci; collectibles from artists including KAWS and Takashi Murakami; and electronics from industry-leading manufacturers Sony, Microsoft, Nvidia, and Apple. Launched in 2016, StockX employs more than 1,000 people across offices and verification centers around the world.
 
 
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position. StockX reserves the right to amend this job description at any time.

See more jobs at StockX

Apply for this job

Emurgo is hiring a Remote Senior Information Security Analyst

Who we are:

EMURGO is the official commercial and venture arm of the Cardano Blockchain, a smart contract platform with advanced security assurance - Currently Top 3 of decentralized smart contract platforms and Top 10 of all cryptocurrencies on CoinMarketCap.

As a founding member of the Cardano protocol, EMURGO develops, supports, and incubates commercial opportunities and helps integrate businesses into our blockchain system.

Our businesses include:

EMURGO Fintech develops the best mobile and wallet applications to interact with the Cardano blockchain to serve as a baseline platform for others to build upon

EMURGO Media has developed a social content platform with the Cardano community at its core and positioned for creation, curation, aggregation and monetization of the ecosystem projects and tools.

EMURGO Academy provides Cardano blockchain courses to students and developers looking to start, or transition to, a career in the blockchain industry, as well as executives and entrepreneurs seeking to understand how Cardano blockchain might augment their businesses.

EMURGO Ventures invests in Web3 initiatives, including DeFi and NFT projects, blockchain developer education tools, and other decentralized application projects, especially those with interoperability potential, as well as middleware solutions companies in developed markets.

EMURGO Africa is an investment vehicle that also provides hands-on acceleration and incubation programs, with $100m having been earmarked for investments in Africa, where a key growth driver in the region is the use of lending and borrowing crypto services for daily life.

Job Summary:

The Senior Information Security Analyst at EMURGO is responsible for overseeing the administrative, operational, and technical aspects of our security controls. This role ensures the availability, operation, maintenance, and security of EMURGO’s computer systems, networks, and data, including both web2 and web3 systems. The analyst conducts risk assessments, evaluates security vulnerabilities, and monitors systems to identify and implement priority mitigations. Additionally, the role involves coordinating or supporting ad-hoc information security projects, developing security policies, and ensuring compliance with regulatory standards.

What You Will Be Doing:

  • Monitor and secure EMURGO’s computer systems, networks, and data.
  • Serves as main IT security person responsible for supporting security initiatives in area of responsibility.
  • Oversee SIEM and vulnerability management platforms, and train technical teams.
  • Continuously monitor and report on the security status of EMURGO’s technology systems.
  • Lead incident response efforts and maintain compliance with security standards.
  • Plan and conduct cybersecurity training and tabletop exercises.
  • Manage internal risk assessments and audits, and oversee external partner engagements.
  • Handle certificate management for secure system operations.
  • Evaluate and recommend security products and services, including budget estimates.
  • Maintain detailed records and contribute to developing security policies and procedures.
  • Plan and conduct internal risk assessments and audits. Serves as project manager for risk assessments and pen tests.

What You Bring to EMURGO:

  • Expertise in vulnerability management, risk assessment, and SIEM operations.
  • Broad knowledge of application, network and system security, including cloud environments.
  • Familiarity with blockchain security and smart contract audits.
  • Experience in leading incident response and managing security projects.
  • Proficiency in planning and executing audits and penetration tests.
  • Skills in creating and delivering security training and enforcing policies.
  • A proactive approach to staying updated on security threats and technologies.
  • Attention to detail and a collaborative approach to fostering a security culture.
  • Ability to align security initiatives with business objectives to support growth.

Technical Knowledge and Skills:

  • Thorough understanding of Information Security, including Vulnerability Management, Risk Assessment, Auditing, Response, and Compliance.
  • Extensive knowledge of networks, applications, cloud environments, and system administration.
  • Proficiency in using SIEM and vulnerability management tools.
  • Proficient in shell scripting and managing TCP/IP protocol stack applications, including Telnet/SSH, FTP (CRT), TFTP, DNS, DHCP.
  • Extensive experience with Microsoft Windows domain networks, firewall management, active directory federation services, multi-factor authentication, and VPN.
  • Expertise in wired and Wi-Fi networking, on-site and remote, integrating with cloud-based resources like Google Workspace and secure connections including SaaS and hosted applications.
  • Knowledgeable in data storage, backup and recovery management, and data center operations.
  • Deep understanding of Syslog and SIEM principles.
  • Expertise in operating systems such as Windows and Linux.
  • Proficiency with browsers like Chrome, Edge, and Mozilla.
  • Skilled in various monitoring and investigative tools such as vulnerability scanning, packet analysis, and forensic drive imaging.
  • Familiarity with multiple programming languages and command-line interface operations.
  • Awareness of regulatory and security standards, encryption technologies, and techniques.

Communication Skills:

  • Excellent written communication skills for preparing reports and composing technical documentation.
  • Strong interpersonal skills for effective interaction with co-workers, supervisors, managers, other EMURGO employees, vendors, consultants, and customers.
  • Ability to understand and train others on regulatory requirements, security standards, and EMURGO’s policies, standards, procedures, and vulnerabilities related to technology and security.

Qualification and Experience:

  • Bachelor’s degree in Information Security, Cybersecurity, Information Technology, Computer Science, Engineering, or a related field is required.
  • At least four years of experience in Information Security, including vulnerability management.
  • Preferred certifications: GSEC, Security+, CISM, CISSP.
  • Experience with blockchain technology is preferred.

Employment:

Employment is contingent upon passing a criminal convictions check, a local background check, and is subject to re-check every three years.

See more jobs at Emurgo

Apply for this job