Information Security Analyst

Schaumburg, IL, United States
PowerToFly approved because…

They've actually hired through PowerToFly! Meet Michelle Ensey, who is Paylocity's newest Product Owner! Michelle says she was attracted to Paylocity because of their "core values... They have a remote workforce and manage it well - meaning that I feel confident about working remotely and being a valued member of the team. I'm able to balance my family and my career without having to sacrifice one for the other."

Keep reading to check out Paylocity's open roles!

At Paylocity, we create software that makes companies – especially their HR teams – better, faster, and stronger. We give clients the tools they need to make their companies run, and give our employees a rewarding company culture – all putting us in a category of our own. Join us and learn what makes us unique!

We’re a fast-growing company ready to revolutionize the payroll and HR world for hundreds of thousands of businesses by delivering innovative technology and support. We seek the best and brightest to help us create the future of our talent solutions – enabling our customers to better develop their employees. Our own employees are equally important to us: We work hard to provide the best work environment for our employees, and are dedicated to giving back to the communities in which we live and work.

Delivering one-of-a-kind cloud technology, accompanied by award winning customer service, Paylocity is a software development company in a category of its own.
The Information Security Analyst will play an instrumental role in maintaining Paylocity’s Information Security Governance, Risk and Compliance (GRC) program. Reporting into the Information Security Manager, this position will also closely with Product Development, Business and IT Operations, and all key departments throughout the organization. The person in this key role will help ensure that Paylocity’s IT governance processes are properly designed and are functioning effectively and that the organization maintains its compliance with all applicable legal, regulatory, and contractual requirements.  Finally, the person in this role will ensure that Paylocity properly identifies, assesses, and manages its Information Security risks. 
Are you the leader we are looking for?
Who you are:
·       Passionate about information security and privacy
·       An evangelist regarding the importance of information security
·       Committed to an ongoing partnership with other high profile groups within the organization  to insure information security objectives are being understood and embraced
·       Established presence within information security communities
·       Ability to anticipate problems and recommend decisive action
·       Excellent communication skills (both written and oral)
·       Ability to work collaboratively across the organization
·       Values their role as an advisor and business enabler more than their role as a rule enforcer
·       Self-driven, creative, and resourceful
How we work:
·       Casual, collaborative environment which embraces and operates under our shared principles 
·       Complete transparency with open, honest discussions about our progress
·       Close working relationships across all areas of the organization
·       Focus on outcomes and learning
What we offer:
·       A strong commitment to Information Security both financially and organizationally 
·       An existing talented and passionate Information Security team
·       The chance to meaningfully contribute to a vast market opportunity
·       A collaborative environment where our security team is empowered to help steer the direction of the team
·       A place to contribute your security knowledge company-wide through forum panels with our product development team 
·       Annual training allowance to learn new things and bring it back to the team.
·       Employee Stock Purchase Program (ESPP) which enables employees to share in the long-term growth and future success of the company
Required Experience:
·       Understands the basic tenants of Information Security risk management (threat management, vulnerability management, and risk treatment).
·       Experience in performing Information Security risk and control assessments.
·       Experience creating and maintaining a BCDR program and deliverables and serve as SME/facilitator for the business and IT.
·       Experience defining, revising, and implementing corporate information security policies.
·       Experience coordinating corporate-wide initiatives for obtaining security related assurances (e.g., ISO 27001, SSAE-18, etc.) including process control design and testing.
·       Familiarity with federal and state legal regulatory requirements related to information security and privacy.
·       Well versed in the information security issues affecting financial service organizations and cloud based application service providers.
·       Experience creating, implementing, maintaining, monitoring, and enforcing the Security Awareness Program.
·       Experience creating and maintaining the security vendor management program.
·       Possess (or in the process of obtaining) at least one of the following professional designations (or one of similar stature):
Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)Certified Information System Auditor (CISA)Certified Information Security Manager (CISM)Certified in the Governance of Enterprise Information Technology (CGEIT)
·       Bachelor’s degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.
During the last three months, you would have:
·       Ensured Paylocity is properly evaluating security risks through a risk assessment framework
·       Managed and coordinate Paylocity’s business continuity planning and disaster recovery planning programs.
·       Ensured that Paylocity continues to comply with applicable InfoSec related legal and regulatory requirements,
·       Maintained Paylocity’s information security and privacy related policies, standards, and procedures.
·       Assessed compliance with Paylocity’s policies and standards and take action to remediate non-compliance.
·       Acted as a liaison to auditors and consulting partners
·       Collected information and provided answers to customer and client due diligence requests.
·       Lead Paylocity’s InfoSec vendor due diligence reviews.
·       Coordinated an Information Security risk assessment as well as ad hoc project risk assessments.
·       Maintained and improved InfoSec risk and service performance metrics
·       Represented Paylocity in the Information Security arena through vendor relations and participation in professional organizations.

We’re passionate about connecting highly skilled women with leading companies commited to diversity and inclusion

Are you looking for your dream job? In Office. Flexible. Remote.

Join our Movement

Are you hiring? Join our platform for diversifying your team

Post a job