[Hiring] Security Analyst - Governance, Risk, and Compliance @LaunchDarkly

Role Description

LaunchDarkly's Governance, Risk, and Compliance team is hiring a Security Analyst III to facilitate the definition, implementation, and operation of security and privacy programs at LaunchDarkly. As a member of the team, you'll drive initiatives to assess and reduce security risks to the company, advise stakeholders, and maintain compliance with the frameworks that we adhere to including ISO 27001, SOC 2 Type II, and FedRAMP.

You'll report to the Director of Security and partner closely with stakeholders in Legal, Revenue, and other members of our security team. We expect you to bring a sharp point of view on where AI can take work off the team's plate and make our coverage deeper.

Responsibilities:

• Collaborate with stakeholders to design and operate security controls that comprise the LaunchDarkly GRC program
• Use technology to automate compliance activities like gathering evidence and verifying controls
• Operationalize the health and maturity of the program by tracking metrics based on quantitative and qualitative data
• Drive progress towards results for GRC-related continuous improvement projects
• Contribute to documentation for security standards, policies, and processes
• Support audits and assessments with internal and external stakeholders
• Work with product and infrastructure delivery teams on engineering projects related to GRC requirements

Qualifications

• Deep cybersecurity, privacy, and risk management knowledge and skill
• Excellent communication skills - written and verbal
• Experience working on collaborative projects
• Depth with modern cloud-based SaaS organizations - specifically AWS control environments
• Information security experience at an organization with significant compliance requirements
• Strong familiarity with security standards (SOC 2, ISO 27001, ISO 27701, FedRAMP) as well as privacy laws (CCPA and GDPR)
• Familiarity with LaunchDarkly’s collaboration tools like Confluence, Slack, and Github

Nice to have:

• Considerable knowledge of software development and architecture
• CCSP, PCI QSA, CISSP, or CISA/CISM certifications

Requirements

• Target pay ranges based on Geographic Zones for Level 3:
• Zone 1: San Francisco/Bay Area or NYC Metropolitan Area: $136,500 - 187,660
• Zone 2: Boston, DC, Irvine, LA, Monterey, Santa Barbara, Santa Rosa, Seattle: $122,800 - 168,850
• Zone 3: All other US locations: $116,000 - 159,500
• Exact compensation may vary based on skills, experience, and location.
• Restricted Stock Units (RSUs), health, vision, and dental insurance, and mental health benefits in addition to salary.

Company Description

Modern software delivery was supposed to be the foundation for a thriving digital business but reality has proven otherwise. The LaunchDarkly platform helps developers innovate on new features faster while protecting them with a safety valve to instantly rewind when things go wrong.

• Improving the velocity and stability of software releases, without the fear of end customer outages
• Delivering targeted experiences by easily personalizing features to customer cohorts
• Maximizing the business impact of every feature through the ability to experiment and optimize
• Coordinating the release and optimization of software to provide consistent experiences across mobile platforms and device types
• Improving the effectiveness and productivity of engineering teams, by providing insights into engineering cadence and stability

At LaunchDarkly, we believe in the power of teams. We're building a team that is humble, open, collaborative, respectful and kind. We are an equal opportunity employer and value diversity at our company.