Principal InfoSec & Compliance Analyst

Who we are.

Solo enables companies to Connect, Secure and Observe modern applications – APIs, Microservices and Data – with the industry’s leading API and Service Mesh Management Platform (“Gloo”). Solo innovations allow companies to stay on the leading edge of both technology and business possibilities.

Solo is a VC-backed company, founded in 2017 by Idit Levine. In 2021, Solo was valued at $1B. Solo’s customers are some of the largest in the world, spanning all geographies and industries. Solo’s team has deep expertise in Cloud Computing, Linux, Containers, Kubernetes, Service Mesh, APIs, AI, Security, Microservice Applications, Application Modernization.

About the role.

The Infosec and Compliance Analyst plays a pivotal role securing Solo’s infrastructure, data and software. This person is responsible for helping Solo.io define, establish and manage our corporate security strategy. This is a hands-on role helping Solo build and define the security compliance mechanisms for our products and services. It involves working with all departments at Solo.io to identify areas relevant to each department for compliance purposes, providing expert guidance. In addition, this person will help implement and document applicable policies and processes. The person in this role will work directly with auditors leading our security compliance. They may also work with our customers and prospects to understand security requirements, respond to security related inquiries and help Solo establish security commitments between both parties. The ideal candidate will have hands-on security compliance experience in a cloud native environment, as well as excellent customer facing and technical documentation skills. 

This is a remote role for applicants based in the US. 

Job Description:

• Lead and own internal cybersecurity audits to ensure operational environments stay compliant and secure
• Develop security policy documents and provide expert guidance on cybersecurity topics and policies
• Define and build security strategy and training for the company and for different teams, working internally with stakeholders and department leaders to establish security standards and processes
• Establish and maintain a security compliance plan across the company, including, but not limited to SOC 2 and ISO27001 compliance. This requires extensive project management and organizational skills.
• As needed, own communication with customers regarding security compliance and generate responses to security questionnaires.
• Manage compliance with relevant data privacy and information security laws and regulations, including, but not limited to GDPR, CCPA
• Lead incident response plan and cross functional team
• Experience establishing and maintaining security compliance program for SaaS offering

Job Requirements:

• 3+ years of experience in information security, governance, risk, and compliance roles
• Successful track record of obtaining SOC2 and ISO27001 compliance
• 5+ years of SOC analyst or security compliance management experience in a cloud native environment
• 2+ years of software development / DevOps or related experience
• 3+ years of SaaS and Cloud technical hands on experience
• Experienced in authoring and implementing information security programs and policy frameworks
• Deep understanding and experience implementing controls for security standards and frameworks (NIST, ISO 27001/27002, OWASP, SOC 2, PCI DSS)
• Strong program management and organizational skills
• Strong communication and collaboration skills to build relationships with internal stakeholders across the organization, at the leadership level and with customers
• Cybersecurity certifications (SSCP, CompTIA Security, etc)

Bonus Experience

• Hands on Kubernetes experience and knowledge
• A degree in Cybersecurity or a related field

What you’ll love about Solo.

At Solo, our culture is all about hiring great people, creating a fun and fast-paced work culture, and letting our teams work with our customers to successfully solve their challenges.

Solo works collaboratively with our customers, partners and open source communities to deliver technology innovation, technology solutions, architectural best-practices, and hands-on education. Solo uses a unique engagement model with our customers that allows us to quickly make them successful, and continue to work closely with them as their production environments grow.

Solo is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.