Security and Compliance Analyst

About us:

Limeade is a corporate wellness technology company that measurably improves employee health, well-being and performance while building cultures that support well-being. Employees earn points and rewards for taking steps to improve well-being, while employers move the needle on their business goals. Recognized for its own award-winning culture, Limeade serves over 100 employers and top global brands.

Were committed to creating a mission-driven, positive culture of improvement made up of the best and brightest people in the business. And weve got the awards to back it up: Puget Sound Business Journal ranked us #1 Best Workplace in Washington, and Seattle Business ranked us one of the top three Best Companies to Work For in Washington State. Were one of the fastest-growing companies in North America (Deloittes Technology Fast 500), and Fortune magazine recognized us as a Best Workplace for Women. Learn more at www.limeade.com

This is a fun and fast paced environment. If you like to work with smart people, solve tough problems and improve how we work together as a team while growing, this is a place where you will have a lot of fun.

About the role:

This is an essential role on the Limeade Cyber Security Team working with our customers around security related concerns and questions. As a Cyber Security Analyst you will learn Limeade Security capabilities, communicate these to customers through our RFI/RFP process and help ensure Limeade smooth and continuous adoption of the SAE SOC Type II and III compliance. This role is positioned to lead our continuous Security improvement process(es) and can become the face of Limeade security posture.

Responsibilities:

  • Represent Limeade Security Posture to our Customers
    • Prepare and respond to security concerns from Limeade customers presented via the Sales Channel process as RFP or RFI questionnaires.
    • Prepare and own Limeade SIG and SIG Lite documents for Partner organizations.
    • Represent Security and R&D in the RFP process automation initiatives with the intent to harvest knowledge from answers and provide Sales Channel self-help.
    • Manage and facilitate telephone calls with customers on specific security concerns.
    • Participate in the development and monitoring of changes to systems, policies, and procedures for evaluating the effectiveness of controls and the level of risk
    • Maintain the Limeade Risk Assessment Register and provide quarterly summary reports on risks, controls and status on high risks topics from a business perspective.
  • Own Limeade Security Audits (SOC Type II)
    • Prepare with a strategic approach the yearly audit report in line with the Organizations changing processes; describe framework and approach to Organization, obtain responses from Organization management, and review responses prior to submitting to the Director of IT.
    • Assist the organization with engagement and controls specific to organizational teams.
    • Execute annual audit plan, including financial budget, coordinating efforts with external auditors to avoid unnecessary costs and duplication of effort.
  • Provide Limeade Employee Security Training
    • Prepare, enhance and personalize security training across the organization for clear guard rails by role with appropriate actions.
    • Integrate training into the Limeade health platform and ensue that mandatory training is adhered.
    • Work with the R&D team to enhance the platforms training compliance capability.
  • Provide International Security guidance
    • Work with the external legal entities and the Limeade development leadership incl. the CTO to understand International policies and their organizational impact including ISO 2700x, Safe Harbor and Privacy Shield to the Limeade business capabilities.


Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.