Senior security, privacy and compliance analyst

At Persona, we're building the first universal and comprehensive identity infrastructure to help businesses of all sizes better serve and protect their customers' identities. Our identity platform enables businesses to securely collect and manage their customers' personal information, to verify that their customers' are who they say they are, to analyze and detect fraud and abuse, and to pull sensitive reports about their customers in a privacy-centric way. In a world where consumer behaviors are changing and privacy and identity are taking on a new meaning, we want to help businesses find their superpowers and do it while putting their customers, the people, first.

Persona is looking to bring on a Senior Security, Privacy and Compliance Analyst. As an early member of the privacy and compliance team, you will build, define, and lead security, privacy, and compliance programs as part of our privacy and compliance function. You will be the go-to person for understanding security, privacy, and compliance requirements for our company and working cross-functionally with stakeholders to implement those requirements.

You will have the opportunity to lead security compliance projects end-to-end, monitor privacy laws, and proactively implement processes related to security, privacy, and compliance. We don't expect you to be an expert in all security, privacy, and compliance areas; however, you should be excited and willing to dive into any related projects we may have, even if they're outside of your comfort zone!

What you'll achieve

• Train and educate cross-functional partners and other personnel in security, privacy, and compliance best practices
• Research, implement, and manage new tools to optimize internal efficiencies across teams
• Own pre-sales security questionnaires and vendor assessments; collaborating closely with sales and growth teams
• Develop and implement our security compliance program roadmap and help drive the adoption of technology and processes
• Support Technical Program Manager with large security compliance projects, including SOC2, ISO27001, and PCI-DSS
• Resolve complex issues that may not be well documented, and apply your knowledge to improve and create procedures and documentation

What you'll bring to Persona

• 2+ years of experience working in security, privacy, risk, and compliance or equivalent experience
• Experience in implementing SOC2, ISO27001, and PCI-DSS
• Strong understanding of GDPR, CCPA, BIPA, HIPAA and other data privacy laws.
• History of building trust through collaboration and successful cross functional engagements
• Strong project management skills and ability to manage varying priorities and stakeholders
• Firm grasp of security, privacy, compliance, and IT audit best practices

At Persona, we strive to put diversity and inclusion at the forefront of everything we do, reflecting our core values. Our DEI Employee Resource Group seeks to build a diverse and inclusive team that fosters an environment where each Personerd feels empowered to bring their unique differences to work and achieve their full innovative potential. Our hope is that by fostering such an environment, we strengthen our business and relationships by putting people first.

We strive to promote a culture that celebrates diversity and inclusiveness regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age.

If you'd like to better understand what it's like working at Persona, feel free to check out our reviews on Glassdoor.