Security GRC Analyst

About us:  

Limeade is an employee experience software company that helps build great places to work. Our platform unifies employee well-being, engagement, and inclusion solutions with industry-leading communications capabilities. Recognized for its own award-winning culture, Limeade helps every employee know their company cares. To learn more, visit www.limeade.com.

We're committed to creating a mission-driven, positive and inclusive culture of improvement made up of the best and brightest people in the business. And we've got the awards to back it up: Puget Sound Business Journal ranked us #1 Best Workplace in Washington, and Seattle Business ranked us one of the top three Best Companies to Work for in Washington State. In addition, we're one of the fastest-growing companies in North America (Deloitte's Technology Fast 500™), and Fortune magazine recognized us as a Best Workplace for Women. Limeade is a global company that embraces a distributed workforce and has users in more than 100 countries. Our headquarters are in Bellevue, WA.

About the role:

Limeade is seeking a Security Governance Risk & Compliance (GRC) Analyst to be an integral member of our expanding Security and Operations Team, specifically focused on enhancing the overall GRC program. In this role we are looking for someone who is driven, takes initiative, keeps things simple, exhibits strong intellectual curiosity, and is also able to act independently while knowing when to ask for guidance or direction.

The incumbent will help streamline and maintain Limeade’s security and privacy policies, monitor and ensure regulatory compliance (HIPAA, GDPR), manage our annual audit and certifications (SOC2, HITRUST, ISO27001), develop and maintain our vendor risk and client assurance programs, respond to customer security assessments, conduct Incident Response investigations and tabletop exercises, help maintain and report on our overall risk management program, and participate in special projects as needed.

Reporting to the Lead Security GRC Analyst, this position interacts with the Security and Operations team as well as with a wide range of internal subject matter experts (SMEs), Sales Directors, Proposal Managers and Customer Support team.

This role can be fully remote. 

Requirements:

• Ability to demonstrate our values in an on-going and consistent way
  
  •  Strong experience with HITRUST audits and certification -
          ISO27001 and SOC2 preferred but not required
  
  
• 2+ years in Information Security or Governance, Risk, and Compliance (GRC) role
  
  
• 2+ years of experience drafting and maintaining policies and procedures
  
  
• Understanding of security frameworks such as NIST and ISO
• Strong knowledge of GDPR required
  
  
• Ability to multi-task and balance competing priorities based on risk and criticality
  
  
• Strong organizational and proofreading skills 
  
  
• BA or BS from an accredited University or relevant Security Certification (CISM, CISA, CISSP)

Limeade provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Limeade will provide reasonable accommodations for qualified individuals with disabilities. 

This position is open to remote workers located in the United States and Canada.

#LI-Remote