Back to jobs

Information Security Analyst, GR&C

Minneapolis, MN | Austin, TX | Princeton, NJ | Reston, VA

Who We Are:

CrashPlan® provides cyber-ready data resilience and governance in a single platform for organizations whose ideas power their revenue. With its comprehensive backup and recovery capabilities for data stored on servers, on endpoint devices, and in SaaS applications, CrashPlan’s solutions are trusted by entrepreneurs, professionals, and businesses of all sizes worldwide. From ransomware recovery and breaches to migrations and legal holds, CrashPlan’s suite of products ensures the safety and compliance of your data without disruption.

What You Will Be Doing:

We are recruiting for an Information Security Analyst, Governance, Risk Management and Compliance to join our team. As a key member of the CrashPlan Information Security Team, you will be supporting the risk management and compliance functions. We believe in smart security and in your role you will look for meaningful ways to manage risk, ensure compliance, and work with teams to implement better security practices.

 

NOTE - We are only considering remote candidates in the following metropolitan areas:

Minneapolis/St. Paul, MN * Austin, TX * Princeton, NJ * Reston, VA

 

Day In The Life:

  • Conducting security and privacy risk assessments and security consulting engagements
  • Conducting information security assessments of third-party vendors
  • Maintaining reporting and tracking for information security and privacy risks and working closely with risk owners to remediate
  • Conducting periodic business continuity and disaster recovery testing
  • Responding to customer and prospect security questions related to CrashPlan’s products and security posture
  • Supporting information security and privacy compliance audits and initiatives (e.g. SOC2, ISO 27001, PCI-DSS, GDPR) including day to day management of the GRC platform and continuous monitoring activities
  • Conducting internal audits 
  • Managing the security training and awareness program and phishing simulations
  • Facilitating change management  
  • Prioritizing risks efficiently and appropriately; challenging assumptions and methodologies
  • Triaging and prioritizing vulnerabilities for remediation  
  • Developing and maintaining cross-functional partnerships, and partnering with SMEs to determine appropriate risk-based remediation strategies



Who You Are:

Required Qualifications:

  • Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or related discipline and/or equivalent experience
  • 3+ years professional experience in a similar role
  • Knowledge of/experience working with NIST 800-53, ISO 27001, SOC2, GDPR, DPF  and other relevant security and privacy frameworks
  • Knowledge of/experience with third Party Security, Policy management, Customer Security, Assurance, and/or Security Awareness
  • Experience conducting data privacy and security risk assessments and impact analysis

 

Preferred Qualifications:

  • One or more information security or privacy certifications (e.g. CISSP, CISM, CIPP)
  • Experience using vulnerability scan tools and threat and vulnerability management 
  • Experience with Azure and AWS environments

The base pay compensation range for this role is listed below. This position is eligible for an annual bonus based on individual and company performance in addition to a full range of benefits including medical, dental, vision, 401k match, and more. Final compensation will be dependent on various factors relevant to the position and the candidate such as geographical location, candidate qualifications, certifications, relevant job-related work experience, education, skillset and other relevant business and organizational factors, consistent with applicable law. This information is provided per the relevant state and local pay transparency laws for the location in which this position will be performed.

Pay Transparency

$105,000 - $125,000 USD

CrashPlan values workplace diversity and ensuring an environment of mutual respect. Employment opportunities are available to all applicants without regards to race, color, creed, religion, sex, national origin, age, marital status, veteran status, sexual orientation, gender identity or expression, disability, genetic information, or any other category protected by law. We believe that diversity and inclusion are critical to our success, and we seek to recruit, develop, and retain the most talented people from a diverse candidate pool. We are proud to be an equal opportunity employer.

Create a Job Alert

Interested in building your career at CrashPlan? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Education

Select...
Select...
Select...
Select...
Select...
Select...
Select...
Select...
Select...
Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in CrashPlan’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.