Security Analyst (Hybrid)

About the role

A global SaaS leader for seamless digital document workflows, Nitro offers a suite of solutions for PDF, eSigning, identity verification and analytics supported by a best-in-class customer success and change management team. With more than 3 million licensed users and 13,000+ business customers across 157 countries, we serve 67% of the Fortune 500. How We Work: We aim to create an environment where talented individuals are empowered to excel. How we collaborate, innovate, and engage with one another is important to us. Our work is driven by 5 key principles: One team, One mission Our collective dedication to Nitro's mission defines us. Together, we are building an environment where everyone feels like a valued part of something bigger than themselves. Own it We take full ownership of our actions and decisions. We empower one another to lead with confidence, creativity, and a solutions-focused mindset. Accountable to our customers We are dedicated to our customers and take our commitments seriously. We do what we say we are going to do. Excellence in execution Driven by passion and precision, we exemplify excellence in our delivery with innovative, top-quality results. Be bold, fail fast, learn faster We learn as we grow, dare to try, and bravely question. We are not chasing perfection but forever iterating towards it. These guiding values shape our approach to work, fostering a culture where everyone is inspired to contribute their best. We are looking for a proactive, detail-oriented, and collaborative Security Analyst with a strong focus on Governance, Risk, and Compliance (GRC) to help evolve and sustain Nitro's global security and compliance posture. This key role is central to ensuring Nitro maintains "always-on compliance" - embedding governance and control assurance into daily operations. The successful candidate will help maintain and mature Nitro's core compliance programs, including ISO 27001, SOC 2, HIPAA, and DORA, while serving as the primary point of contact (POC) for our external compliance vendor. In addition to managing our compliance frameworks, this role will drive Security oversight across Nitro's diverse ecosystem of business-critical applications, platforms, and integrations - including systems such as Salesforce, Atlassian, Microsoft 365 and other SaaS and cloud-based services. The analyst will ensure these environments are governed by consistent, effective controls and that security risk is continuously monitored and managed. You'll collaborate across Security Operations, IT, Engineering, Legal, Sales, and Customer Success amongst others to ensure Nitro's security practices are robust, transparent, and trusted - both internally and by our customers.

Responsibilities

• Governance, Risk, and Compliance
• Play a significant role in Nitro's compliance programs (ISO 27001, SOC 2, HIPAA, DORA), ensuring a continuous state of readiness and certification maintenance.
• Act as the main point of contact for Nitro's external compliance vendor, managing communications, audits, evidence requests, and ongoing improvement initiatives.
• Implement and champion Nitro's "always-on compliance" strategy - embedding compliance automation and continuous control monitoring across our systems.
• Maintain the internal GRC calendar and ensure all compliance activities are completed on schedule.
• Develop, maintain, and refine security policies, procedures, and standards, ensuring alignment with frameworks and practical applicability.
• Report on compliance status, control effectiveness, and risks to management and stakeholders.
• Security Oversight Across Nitro's Applications and Platforms
• Provide security governance and oversight for Nitro's portfolio of applications, platforms, and integrations - including Salesforce, Atlassian (Jira/Confluence), Microsoft 365, AWS, and other critical SaaS systems.
• Partner with system owners to ensure security configurations, access controls, and audit logs meet Nitro's standards and compliance requirements.
• Conduct periodic reviews of key systems to verify proper implementation of controls (e.g., MFA enforcement, data retention, access management, logging).
• Ensure consistent risk assessment and control validation across both internally managed and third-party services.
• Collaborate with IT and Engineering teams to remediate control gaps and strengthen system-level governance.
• Develop and maintain an inventory of systems and integrations, tracking ownership, classification, and control coverage.
• Customer and Sales Support
• Partner with Sales and Customer Success to respond to security questionnaires, RFPs, and due diligence requests from customers and prospects.
• Maintain and continuously improve Nitro's Trust and Security documentation, ensuring it reflects our current certifications and controls.
• Support customer security reviews by clearly articulating Nitro's security and compliance posture.
• Risk Management and Continuous Improve

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at nitrosoftwareinc? Share your experience