Information Security Analyst
Sprout Social is looking for an experienced security engineer to join the team that is responsible for the security posture of our entire organization, including our development, production environments, and internal concerns. As a software company, security is incredibly important to us. Our software is used by more than 20,000 brands around the world. Companies like Dropbox, Zendesk, Fender, Zipcar and Evernote, rely on Sprout to create stronger relationships with their customers through social media. Our security team is responsible for ensuring that we are designing platforms, implementing tools, and building products with security in mind.
We’re looking for someone who knows more than how to run a commercial application scanning tool: we expect you to know the internals of how web applications and distributed systems work and be able to collaborate with engineers and IT staff to increase the monitoring, reporting and mitigation capabilities of our Security Operations team. You will help establish a risk based pipeline, manage and own cross-organizational projects, and work to continuously improve our security posture. As a cloud native company, you'll be involved in securing our cloud environments and working with SaaS-based tooling. You'll also be executing on our compliance efforts, including audit and reporting requirements: GDPR and SOC2.
As we build our team, we are looking for someone that enjoys refining and introducing new processes and frameworks. If you are fluent in risk identification and mitigation and stay up to date on the latest security threats and trends in our industry, we’d love to talk with you!
Within 1 month, you will:
- Complete Sprout’s New Hire training program alongside other new Sprout team members.
- Be introduced to Sprout’s security stakeholders across the organization.
- Learn our existing tooling and begin monitoring the status of our environments.
- Collaborate regularly with members of our infrastructure and development teams and get up to speed on our current and future initiatives.
- Begin to decompose larger security projects into small, more manageable deliverables.
- Get regular team feedback on your approach to managing and engaging our existing risks and security capabilities.
Within 3 months, you will:
- Work with your manager and teammates to create and prioritize quarterly team goals.
- Begin to take ownership of our bug bounty program and improve our engagement with the larger security community.
- Review, refine and assign alerts triggered from our IDS and other monitoring platforms.
- Participate in our SOC2 gap analysis and overall compliance efforts.
- Build connections with members from other teams through active networking and community building.
Within 6 months, you will:
- Coordinate and work with external vendors to conduct regular application-level and infrastructure-level penetration tests.
- Identify security gaps within our systems, present plans to mitigate risks, and work with teams get them prioritized within their workstreams.
- Generate and improve upon internal and external security policies and standards.
- Drive internal security awareness training and phishing tests.
- Regularly report on overall security health and recommendations to our technical leadership team.
- Partner with the Infrastructure team to continuously improve our ability to deliver reliable and secure services.
Within 12 months, you will:
- Be a go-to expert and security representative within Sprout.
- Help define and build the security roadmap for future work.
- Work and effectively communicate with other groups across the organization to ensure big-picture alignment and encourage cross-team collaboration with our GRC framework.
- Own cross-organizational projects, demonstrating project management skills, consensus building, and strong leadership.
- Have opportunities to contribute to in-house technical presentations, employee onboarding, and workshops that share your expertise with large groups of Sprout employees.
- Have opportunities to advocate for Sprout in the larger security community by participating/speaking at conferences, user groups, etc.
- Surprise us! Use your unique ideas and abilities to change Sprout Security in beneficial ways that we haven’t even considered yet.
Of course, what is outlined above is the ideal timeline, but things may shift based on business needs and other projects and tasks could be added at the discretion of your manager.
About Sprout Social
Sprout Social powers open communication between individuals, brands and communities through elegant, sophisticated software. We are relentless about solving hard problems for our customers and committed to both customer and team success.
Team Sprout is a group of very talented, smart and passionate people with broad interests and backgrounds. We believe that true employee engagement cannot happen if you can’t bring your whole self to work, so we’re committed to building a diverse team, embracing an inclusive culture and investing in equity across our organization. That dedication is core to Sprout. We want all candidates, particularly those coming from traditionally underrepresented groups in the technology industry, to know they are welcome at Sprout.
We’re proud to regularly be recognized for software, product and company culture achievements. Our team’s shared belief in Sprout’s mission promotes a culture of openness, empowerment and fun. We have built a benefits program to match the strength of our team. This program includes:
- Insurance and benefit options that are built for both individuals and families, including generous company contributions
- Progressive benefit programs, like our parental leave program and free Divvy bike memberships
- High-quality and well-maintained equipment - your computer will never prevent you from doing your best
- Beautiful, convenient and state-of-the-art offices in Chicago’s Loop
- Solid programs in some of the staples: transportation, disability and life insurance
- Wellness initiatives to ensure both health and financial well-being of our team
- Breakfast and lunch options onsite, and more healthy snack options and beverages than you can imagine
- Growing corporate social responsibility program that is driven by the involvement and passion of our team members
Sprout Social is an equal opportunity employer. Anyone seeking employment here is considered without regards to race, color, religion, national origin or ancestry, sex (including sexual identity), age, physical or mental disability, pregnancy, veteran or military status, unfavorable discharge from military service, genetic information, sexual orientation, marital status, order of protection status, citizenship status, arrest record or expunged or sealed convictions, or any other legally recognized protected basis under federal, Illinois, or local law. We value the things that make us different and want to see how you can make our team better!