IT Security Compliance Analyst
Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally, from rapidly growing startups to some of the world's largest enterprises. Apollo.io provides sales and marketing teams with easy access to verified contact data for over 270 million B2B contacts, along with tools to engage and convert these contacts in one unified platform. By helping revenue professionals find the most accurate contact information and automating the outreach process, Apollo.io turns prospects into customers. Apollo raised a Series D in 2023 and is backed by top-tier investors, including Sequoia Capital, Bain Capital Ventures, and more, and counts the former President and COO of HubSpot, JD Sherman, among its board members. Apollo.io is growing rapidly, with 900% revenue growth since 2021, and is looking for world-class talent to keep building with us.
About the role:
The GRC Analyst will be responsible for running and improving Apollo’s risk and compliance program. They will maintain continuous compliance tooling, integrate it with Apollo’s systems, and manage the compliance programs for SOC 2 and ISO 27001. They will manage the company’s risk register and ensure that risks are tracked and remediated. They will manage projects and keep programs updated.
Daily Adventures & Responsibilities:
- Develop our risk management framework
- Own the risk register and keep it updated to present the company’s risk profile.
- Identify Key Risk Indicators and report on deviations.
- Partner with other teams to support them in identifying risks and their response.
- Continuously assess the effectiveness of the security measures in place and highlight deficiencies for remedial action.
- Run the vendor security assessment process.
- Ensure compliance
- Identify, research, and assess compliance requirements for SOC 2, ISO 27000, and other certifications.
- Develop the program and track projects to meet goals successfully.
- Operate and maintain a continuous compliance platform.
- Partner with internal teams to ensure alignment with compliance requirements.
- Gather evidence to demonstrate controls are in place.
- Design reports related to compliance monitoring and improvement activities to ensure compliance with security policies.
- Support sales with security requests.
What We're Looking For:
- 5+ years of experience in information security with exposure to implementing or assessing security controls across all security domains, such as access management, encryption methods, vulnerability management, network security, etc.
- 3+ years of experience supporting compliance programs within the technology space.
- Knowledge of implementing, managing, and auditing security & compliance regulations, standards, and frameworks (SOC, PCI DSS, ISO 27001, GDPR, ITIL, NIST, COBIT).
- Knowledge of cloud platforms such as AWS or GCP.
- Experience developing security and compliance reporting for various audiences, including executive management.
- Comprehensive knowledge of IT security technologies, threats, and vulnerabilities.
- Industry-related compliance, risk, or security management certification is preferred (CISA, CRISC, CISM, CISSP, ISO27000 Lead Auditor).
- Technical competence with automation and GRC tooling.
- Experience with continuous compliance tooling such as Vanta, SecureFrame, Drata, JupiterOne.
- Advanced written and spoken English proficiency.
What You’ll Love About Apollo
Besides the great compensation package and a culture that thrives on openness and excellence, we invest tremendous effort into developing our remote employees’ careers. The team embraces that we have a sole purpose: to help customers maximize their full revenue potential on the Apollo platform. This mindset opens us up to a lot of creative approaches to making customers successful at scale. You’ll be a significant part of a lean, remote team, empowered to really own your role as a proactive educator. We’re very collaborative at Apollo, so you’ll be able to lean on your teammates, even in adjacent departments, to help you achieve lofty goals. You’ll be supported and encouraged to experiment and take educated risks that lead to big wins. And you’ll have a whole remote team by your side to help you do it!