Senior Security and Compliance Analyst

**About Workato**:
Workato is the only integration and automation platform that is as simple as it is powerful — and because it's built to power the largest enterprises, it is quite powerful.

Simultaneously, it's a low-code/no-code platform. This empowers any user (dev/non-dev) to painlessly automate workflows across any apps and databases.

We're proud to be named a leader by both Forrester and Gartner and trusted by 7,000+ of the world's top brands such as Box, Grab, Slack, and more. But what is most exciting is that this is only the beginning.

**Why join us?**:
Ultimately, Workato believes in fostering a **flexible, trust-oriented culture that empowers everyone to take full ownership of their roles**. We are driven by **innovation **and looking for** team players **who want to actively build our company.

But, we also believe in **balancing productivity with self-care**. That's why we offer all of our employees a vibrant and dynamic work environment along with a multitude of benefits they can enjoy inside and outside of their work lives.

Also, feel free to check out why:

- Business Insider named us an "enterprise startup to bet your career on"
- Forbes' Cloud 100 recognized us as one of the top 100 private cloud companies in the world
- Deloitte Tech Fast 500 ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America
- Quartz ranked us the #1 best company for remote workers

Workato is the operating system for today's fast-moving business. As a high growth company with over 6000 customers, Workato is revolutionizing the integration and automation market with investments from the top 3 SaaS companies - Salesforce, Workday, ServiceNow. Recognized as a leader by both Gartner and Forrester, it is the only AI-based platform that enables both business and IT to integrate their apps and automate workflows across their enterprise with robust security and governance. Some of the world's top brands including Slack, Grab, Box, Visa, Broadcom run on Workato.

Workato has a positive, diverse, and collaborative culture—we look for people who are curious, inventive, smart, hardworking and work to be a little better every day. Workato has also been recognized amongst the "Top 47 Enterprise Startups to Bet Your Career On in 2020", the "Hottest 13 Productivity Software Startups to Watch in 2020", and the "Top 15 startups helping even non-programmers build simple apps, ahead of an expected software developer shortage" by Business Insider.

**All full-time employees in Singapore** will also have the following benefits:

- Workato Stock Options at one of Silicon Valley's fastest growing startups
- Flexible and personalized medical and wellness benefits (protection for hospitalization and surgical procedures, clinical outpatient visits, accident coverage and more...)
- Up to 20 weeks of paid maternity leave, and 10 weeks of paid paternity leave

**Responsibilities**:
We are looking for an exceptional Senior Security and Compliance Analyst. As a member of the Workato Security and GRC team you will be working with various different functional groups on development, implementation and audit from a Security and Compliance program
perspective. You will also be responsible to:

- Develop, document and implement policies and procedures for Workato's Security and Privacy program
- Monitor compliance and policy execution, ensure remediation actions are identified and performed
- Evaluate compliance and security and assess risk of 3rd parties, in conformance with Workato's vendor management policies
- Organize and perform internal audits and periodic tests of controls, prepare and maintain documentation and required reports for auditors
- Assist in organizing and coordinating internal support for Workato's regular external compliance audits
- Configure, update, maintain and help administer GRC software
- Keep current with evolving security and privacy requirements and risks, and contribute to the development of organizational procedures that address these areas
- Coordinate consistent and appropriate response to client security queries and RFP/RFIs in a concise and yet instructive way

**Requirements**:
**Qualifications / Experience / Technical Skills**:

- Bachelor's degree
- 3-5 years of experience working with IT and Enterprise Security, Assurance, Risk or Audit functions.
- Knowledge of all domains within security covering people, process and technology
- Solid understanding of security concepts, security policies, risks, and corresponding mitigation strategies
- Experience with compliance and audit requirements such as SOC 2, ISO 27001/27018, HIPAA, Fedramp, PCI, etc.
- Knowledge of relevant laws and regulations including GDPR
- Proficient in Google suite for data analysis, reporting, and presentations
- Extremely strong collaboration, planning, and prioritization skills
- Excellent communicator in both verbal and written forms
- Exceptional time management skills
- Strong ethical standa