Ocient

Job Title: Information Security Analyst

Location: Chicago, IL (Remote)

                 *We cannot sponsor or transfer any visas, of any kind, at this time*        

Hiring Manager: Senior Security Engineer 

Estimated salary range: $70,000 to $110,000 Annually

* The salary offered for this position will be based on a candidate’s experience and skill demonstrated during interviews and other evaluations

About Ocient

Ocient is a hyperscale data solutions company founded in Chicago, IL, enabling organizations to analyze trillions to quadrillions of data records in seconds. Over the past five years, Ocient has built a SQL compliant data warehouse for Petabyte and beyond datasets that is 10x to 50x times faster than competitive OLAP databases. 

Position Overview:

The Ocient Information Security team is looking for a highly-motivated information security analyst to expand security operations and capabilities as we continue to grow. This position will report to the head of cybersecurity and assist in security compliance and hardening of Ocient’s enterprise and production environments. You will be supporting various teams at Ocient to reduce organizational risk, assess vulnerabilities, and conduct security audits. 

You’ll help expand our security compliance program, supporting SOC 2 sustainment and ISO 27001:2022 readiness. You’ll work across Engineering, SRE, IT, and Compliance to gather evidence, assess controls, and improve day-to-day security posture. This role is junior/early-career, with strong mentorship and clear growth paths in GRC or SecOps.

You can work in our Chicago office or remotely from anywhere in the United States. This job does not include a formal ‘on-call’ schedule; however, you would be expected to work during incident response / business continuity / disaster recovery operations.

Key Responsibilities:

•    Develop, implement, and monitor the information security program for corporate systems and assets.
•    Assist with risk assessments and vulnerability assessments to identify potential risks and security gaps.
•    Support incident response / business continuity / disaster recovery efforts
•    Conduct security training and awareness programs for employees to enhance the organization's security culture.
•    Collaborate with IT and other departments to ensure a cohesive approach to security across all platforms.
•    Creation and monitoring of data loss prevention alerts across organizational systems, services, and applications. 
•    Support the security authorization process, including documentation, and compliance reviews and assessments.
•    Work cross-functionally with multiple teams deploying tooling, establishing new processes, or improving existing processes.
•    Sustain SOC 2 compliance through periodic auditing of security controls and evidence collection. 
•    Assist in ISO audit preparation, internal audits, and remediation efforts. 
•    Work with GRC / ISMS platforms to assess security controls, execute control tests, document test results, and open/track remediation with clear SLAs.

Required Qualifications: 

•    Bachelor’s Degree and 2 years prior experience, master’s degree and no prior experience, 5 years prior experience (Cybersecurity or other IT-related discipline) in lieu of degree
•    Remote, US-Based, Authorized to work in the US
•    Foundational exposure to Linux, MacOS, and Windows OS security
•    Foundational experience with Cloud security (AWS/GCP/Azure)

Preferred Qualifications:

•    Security certifications with continuous education requirements (Sec +, CASP, CAP, GSEC, etc…)
•    Knowledge of database technologies and data analytics concepts
•    Working experience with security automation / SOAR, SIEM, EDR/MDM, vulnerability scanners / assessment, IAM/SSO, DLP, etc…
•    Knowledge of AI security best practices 
•    Driven to seek additional security certifications, professional development, and/or personal growth

Nice to have experience with:

Jira/Confluence, GRC platforms (e.g., Vanta/Drata/Secureframe), SIEM (e.g., Splunk/Elastic/Datadog), EDR/MDM, vulnerability scanners (e.g., Tenable/Qualys), CSPs (AWS/GCP/Azure).

We are not open to using an agency or staffing company at this time. We do not accept unsolicited agency or staffing resumes and we are not responsible for any fees related to unsolicited resumes. 

Ocient provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type and makes all hiring decisions without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.