About SurveyGizmo

Founded in 2006, SurveyGizmo is a powerful survey and data insights platform that empowers business professionals to make informed decisions. As SaaS application software, it offers user-friendly data collection tools for understanding customers, markets, and employees in real time and communicating this information across an organization. It provides data insights in over 205 countries, with 50K new surveys created and 5M responses collected every week.

SurveyGizmo has tremendous opportunity to continue this growth, based on current market size and the potential for more sophisticated product positioning and a robust sales and marketing engine. Details on SurveyGizmo’s products and services can be found on our website (www.surveygizmo.com).

What You Will Do

The Information Security Analyst is responsible for maintaining and improving SurveyGizmo's cybersecurity management program to ensure information assets are adequately protected. This position is responsible for identifying, evaluating, and monitoring information security risks, controls, and processes in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The role influences, negotiates and collaborates with the SurveyGizmo community to drive cybersecurity awareness and discipline throughout the SurveyGizmo business and in collaboration with the Technology Teams.

How You Will Spend Your Days

• Collaborate on new security policies, programs, and controls to ensure that the integrity, confidentiality and availability of information is owned, controlled, and monitored by the organization.
• Develop, implement, maintain, and monitor new and existing security solutions, programs, and controls.
• Prepare and manage appropriate documentation for compliance audits
• Perform compliance control audits across all areas within IT, including Infrastructure, Data, Operations, and Development.
• Identify and recommend new controls and security solutions to meet the changes in technology and business operations, particularly as SurveyGizmo expands and integrates with services.
• Recommend improvements to existing controls or the monitoring of control effectiveness.
• Analyze security logs, identify significant events and respond to security incidents according the defined Incident Management Policy.
• Collect, prepare and present value-add security and operational metrics
• Fluency in current cybersecurity threats and mitigation tactics
• Knowledgeable in various security commercial and open source tools with some ability for programming/scripting
• Monitor industry-wide security recommendations, technology, tools & services, challenges, threats, and their relevance to SurveyGizmo. Advise relevant stakeholders on the appropriate courses of action.
• Review and respond to technical vulnerabilities and report them as necessary to relevant stakeholders.
• Serves as an escalation point for cybersecurity issues.
• Coordinate with colleagues on all information security, privacy and business continuity activities, ensuring that SurveyGizmo’s practices are in line with the broader business strategy and expectations.
• Performs other related tasks as necessary.

What You Bring to this Role

• Knowledge and understanding of relevant cybersecurity, compliance, and privacy standards, best practices, requirements and regulations, both in the US and Internationally.
• Experience in an information security and technical discipline
• Experience performing risk assessments and designing controls related to information security.
• Ability to work efficiently and effectively prioritize in a highly dynamic decentralized work environment
• Ability to share tactics and mitigation strategies as well as apply learned knowledge from trusted partners and industry colleagues towards the betterment of SurveyGizmo’s cybersecurity program
• Demonstrated ability to work effectively under pressure while meeting and/or exceeding project deadlines managing expectations along the way.
• Ability to work effectively in all aspects of the cybersecurity program, from strategic development to detailed control review and assessment.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Must be a critical thinker, with strong problem-solving skills
• Ability to self-motivate and work independently as well as in a team

Our Team Members Enjoy

• Competitive compensation package include benefits, including Medical, Dental, Vision, and matching 401k
• Generous PTO, including all major holidays and 4 floating days
• Up to $2,250 annually in cafeteria funds to use toward commute expenses (toll reimbursement), wellness, continued education
• Discounted health club membership to 24 Hour Fitness or Colorado Athletic Club
• Onsite complimentary massages
• Fully stocked complimentary kitchen (food, snacks, coffee, and drinks)
• Dog friendly office
• Relaxed and open workspace with sit/stand workstations
• Nearby bike and walking trails
• Boulder casual dress code
• Great Boulder location without the Pearl Street commute
• Environment where you are empowered to make a difference!