Senior Security Risk and Compliance AnalystSan FranciscoApply now
Senior Security Risk and Compliance Analyst
We are looking for an experienced Security Compliance professional to join Asana’s Security Compliance program. You will be a key member of the security team that is part of Asana’s world-class engineering organization and will be responsible for protecting Asana and its users. You will collaborate closely with Legal, Finance, Business, and Engineering teams to implement security safeguards, manage security risk, and build and maintain trust with our customers and users.
What you’ll achieve
- Collaborate with stakeholders across security, engineering, and legal to monitor and drive improvements to our security controls
- Facilitate internal and external compliance assessments of our security program and partner with external auditors and internal stakeholders
- Manage and maintain the common controls framework and ensure that controls are aligned with applicable security standards and regulations
- Contribute to building and improving team processes as it relates to monitoring controls, collecting evidence, and executing audits
- Act as a subject matter expert for applicable compliance standards and be a valued partner to the business and engineering teams in the implementation of the standards
- 4+ years in security compliance, IT audit, or information security assurance
- Experience leading internal or external security audits and assessments
- Experience implementing key security standards like SOC 2, ISO 27001, HIPAA, CIS Controls, NIST CSF, or PCI DSS standards
- Excellent leadership, interpersonal, verbal and written communication, presentation, and problem solving skills
- Strong cross-functional team program management abilities, including managing multiple assessments concurrently with different stakeholders and timelines
- Track record of taking initiative, having the ability to work independently, and be comfortable thriving in ambiguity
Asana helps teams orchestrate their work, from small projects to strategic initiatives. More than 75,000 organizations and millions of users rely on Asana, including AirAsia, AllBirds, Grab, KLM Air France, Kohl’s, Sephora, Traveloka, and Viessmann. Asana has been named a Top 5 Best Workplace and the #1 Best Workplace in the Bay Area by Fortune three years in a row, and one of Glassdoor’s and Inc.’s Best Places to Work. With nine global offices, including a San Francisco headquarters and flagship offices in Dublin, New York, Sydney, and Tokyo, Asana is always looking for curious, collaborative, and mission-driven people to help us enable the world’s teams to work together effortlessly.
Our goal is to ensure that Asana upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of any educational background, gender identity and expression, sexual orientation, religion, ethnicity, age, citizenship, socioeconomic status, disability, and veteran status, and we'd love to learn about what you can add to our team.
- Rethinking the org chart: Areas of Responsibility (AoRs)
- Distributed responsibility: An engineering manager’s perspective
- The Pyramid of Clarity
At Asana, you’ll do meaningful, purpose-driven work. We’re not just building a product that helps people be more productive—we’re helping teams and organizations reach their goals together. For the past six years, we've been recognized as an award-winning workplace by Fortune and Great Place to Work, Fast Company, Glassdoor, and Inc. Magazine. Our inclusive culture is intentionally built to enable our teams to be creative and make an impact. With offices all over the world, we’re excited to get back to in-person collaboration along with a hybrid schedule for balance and flexibility in life and work. We’re looking for passionate individuals to join us on our journey. Come do great things with us.