Oh Snap!
This job is no longer active - but you can still view the details below.

Security Analyst

| Colorado Springs

Who we are...

BombBomb makes it easy to use simple videos to build relationships through email, text and social media. Our team is scrappy and intelligent. Competitive and collaborative. Fun-loving and tenacious. We're close-knit and love adding new talent to the mix. Rehumanizing the planet can't be done without EXCELLENT people and we want to add you to our already amazing team!

Who we're looking for...

The Security Analyst will be a part of our IT Information Security team, and help us achieve a SOC2 attestation by the end of 2018 to facilitate BombBomb’s relationship with emerging enterprise markets. You will swiftly identify and remediate vulnerabilities to the company’s cyber infrastructure. Additionally, you will help protect BombBomb employees, resources and confidential company/customer data by implementing appropriate security policies and practices.

What you will do...

  • Continually complete client security questionnaires within 3 business days.
  • Lead the various compliance projects, guide the development and IT staff to achieve SOC2 attestation by the end of Q4 2018.
  • Continually run vulnerability assessments every 30 days, work with internal teams to remediate critical vulnerabilities
  • Run PCI compliance scans for our payment processor every 90 days and resolve any issues
  • Establish good relationships with senior management and staff. Communicate and coordinate security efforts to ensure that BombBomb includes security awareness in its culture.
  • Coordinate and advocate for security development work among product owners and developers to ensure progress is made in larger security initiatives
  • Continually improve technical skills to include a good working knowledge of the following:
    • Linux systems and bash scripting to improve automation capabilities and troubleshoot back-end systems related to security
    • Enough programming to know the basics and spot obvious vulnerabilities such as SQL injection and Cross-Site scripting
    • Splunk administration and creation of high-level security dashboards
  • Run phishing campaigns and follow up with live education classes twice a year. Maintain a recidivism rate of lower than 35% (new employees exempt) company-wide
  • Maintain security policies and understand them in depth.
  • Review and audit the efficacy of BombBomb’s Security policies at least annually to ensure compliance.
  • Review and audit the efficacy of BombBomb’s Security controls at least quarterly to ensure compliance.
  • Train and remediate security incidents with BombBomb staff, ensuring that BombBomb staff recidivism is less than 35%
  • Maintain and administer the physical security systems and periodically review video footage and access logs for unauthorized access.
  • Manage security-related vendor relationships such as physical security, software products and services, ensuring that they are secure and well-researched. Be accurate in licensing counts and stay within budgetary estimates.
  • Deliver accurate budgetary requirements yearly in October

How you'll do it...

Embody BombBomb’s core values: Relationships, Fun, Humility, Flexibility and Service

Integrity & Trust: Acts ethically and honestly and builds professional relationships by promoting mutual trust

Communication: Be a good communicator and build relationships with the people you will be working with in the office. The position will depend on communication between multiple people across multiple departments, coordinating to achieve ISO compliance. Communicating deadlines and the relevance of the requirements will be crucial to the project’s success.

Flexibility: Willing to learn new technologies, security protocols and methods of circumventing our security systems. Ability to adapt to new challenges as they arise, and put out fires without being overwhelmed during busy times.

Detail-Oriented: The position requires attention to detail, as a violation in company policy may result in failure to achieve compliance and ultimately losses in company revenue.

Analytical Thinking / Problem Solving: The ability to understand an idea, situation, or problem by breaking it into smaller pieces

Diplomacy: Effectively handling difficult or sensitive issues by using tact, diplomacy and an understanding of organizational culture and climate

Our ideal candidate will be or have...

  • 5+ years of progressive information technology experience
  • 3+ years of IT security experience
  • Bachelor's degree in technology or related field
  • Experience with enterprise logging (Splunk, SumoLogic, etc.)
  • Experience with enterprise endpoint protection systems (ESET, Cylance, or similar)
  • Experience with vulnerability assessment tools (Rapid7, Burp Suite or similar)
  • Strong understanding of networking concepts (VPN, subnetting, ACLs, VLANs, etc.)
  • Familiarity with network IDS/IPS systems (CheckPoint, SNORT, SourceFire, etc.)
  • Experience working with Security Compliance Frameworks (ISO 27001, SOC2 and PCI-DSS)
  • Knowledge of popular SaaS applications
  • Knowledge of Linux, macOS, iOS, and Android
  • Knowledge of AWS security principles
  • Familiarity with Kanban/Agile project management
  • Ability to meet deadlines and adjust to changing priorities
  • Willingness to work in a fast paced and hands-on environment
  • Preferred Qualifications:
    • CompTIA Security+ certification
    • CompTIA CySA+ or CSA+ certification
    • CISM or CISSP certification

BombBomb Benefits Package Includes...

  • Excellent Medical, Dental and Vision Benefits for you and your family (2 PPO + HSA option)
  • 10 days paid vacation and 5 days of sick leave
  • 8 paid holidays
  • 401k Plan with employer match
  • Weekly company-catered lunch
  • Fun workplace: happy hour every Friday and company game room
  • Annual Education/Development for your career growth
Read Full Job Description

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavascriptLanguages
    • PHPLanguages
    • ReactLibraries
    • Node.jsFrameworks
    • RedisDatabases
    • AsanaManagement
    • SalesforceCRM


BombBomb is in the heart of downtown Colorado Springs. We are in walking distance of great food, drinks, and entertainment - with amazing views!

An Insider's view of BombBomb

What’s the vibe like in the office?

The vibe at BombBomb is high energy and fun! Since our company is growing rapidly, employees are highly motivated and driven. One of our core values is fun, and that's just what we do all day long! Whether it's through our work or a game of ping pong, the office is always full of life.


Customer Care Associate

How do you collaborate with other teams in the company?

Humility is one of our core values, and remaining humble is recognizing that you will never have all the answers. At BombBomb you are encouraged to reach out to others to solve whatever challenge there is, no matter the department. Encouraging collaboration helps us grow closer and continue to live out our core value of Humility.


Senior Deliverability Analyst

What makes someone successful on your team?

Someone successful on our team has the willingness to approach every situation with flexibility, which is one of our company’s core values. Flexibility allows for more creativity, and because we are working to connect people using video, we know that we need to be creative in offering solutions to achieve our customer’s desired outcome.


Manager of Enterprise Customer Success

How would you describe the company’s work-life balance?

Work-life balance is something that is taken very seriously among my team here at BombBomb. I am encouraged often to not burn myself out and to find my own pace. Leadership is aware of how important mental health is and how it drastically improves happiness in the workplace. At BombBomb, your family always comes first.


Customer Care Associate

What are BombBomb Perks + Benefits

BombBomb Benefits Overview

BombBomb offers health / dental / vision insurance, PTO and paid holidays, a 401k plan with company match, Short / Long term disability, and company paid life insurance. There are countless perks, including company sponsored lunch on BombBomb Friday, great beers on tap, professional development opportunities, and paid volunteer time.

Health Insurance & Wellness Benefits
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Retirement & Stock Options Benefits
401(K) Matching
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Company Outings
Game Room
Some Meals Provided
Happy Hours
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences

Additional Perks + Benefits

Fridays are the bomb at BombBomb! We enjoy lunch as a team every Friday and celebrate newcomers and people living out the core values. The winner gets two weeks in the corner (truly) Awesome Office. There is a walking/biking trail just steps away from our office and you can be IN the mountains within 15 minutes. The million dollar views of Pikes Peak keep us inspired and energized. We're always learning and growing so lunch-n-learns are common - we discuss everything from how to be an authentic leader to the magic of a true Customer Success experience and selling like a boss. Also, #HACKWEEK is legit and our developers wow us every time with their innovative creations.

More Jobs at BombBomb5 open jobs
All Jobs
Dev + Engineer
Colorado Springs
Colorado Springs
Colorado Springs
Colorado Springs
Colorado Springs