Security & Compliance Analyst

DNSFilter’s mission is to protect our customers and partners with products they love to use! We are revolutionizing network security by providing fast, accurate, and reliable threat protection and content filtering. We're a rapidly growing company dedicated to creating a safer internet for businesses and organizations worldwide. Leveraging AI-driven threat intelligence, DNSFilter empowers our customers to proactively block threats before they impact their networks. We foster a collaborative, innovative, and results-oriented culture where every team member contributes to our mission of making the internet safer.

As we continue our product-fueled growth by adding new features and broadening our solution to meet the needs of the global market, it's clear there's a missing piece. That's where you come in!

• SOC 2 audit program - Drive our annual Type II audit end-to-end: evidence collection, auditor selection & coordination, remediation tracking, and readiness assessments
• Compliance platform management - Own our Vanta instance as the primary admin: monitor controls, resolve alerts, maintain integrations, improve our trust center, and keep evidence collection automated
• Customer security questionnaires - Respond to customer security assessments, RFPs, and due diligence requests
• Vendor security reviews - Evaluate third-party vendors for security risk, manage the vendor review pipeline, and work cross-team to maintain our approved vendor registry
• Policy management - Maintain, update, and drive approval cycles for security policies, standards, and procedures

• Security observability - Improve our ability to detect and respond by working on logging, alerting, and tuning
• Access management & device posture - Help implement and improve IdP configurations, access management, and endpoint compliance policies
• Misc security projects - support other security team members on larger initiatives as capacity allows
  
  

• 3–5 years in a GRC, compliance, or security analyst role at a SaaS or technology company
• Hands-on admin-level experience with a compliance automation platform (Vanta, Drata, Secureframe, or similar)
• Led or significantly contributed to at least one SOC 2 Type II audit cycle
• Have led or substantially participated in at least one large technical project or deployment
• Strong written communication
• Self-directed and organized

• Experience with identity providers (Okta, Azure AD/Entra, Google Workspace) at an admin or configuration level
• Experience with GDPR or other data privacy frameworks
• Familiarity with endpoint management tools (Jamf, Intune, Kandji)
• Exposure to SIEM or log management platforms
• Experience working in this role at a SaaS organization in the 100–500 employee range