Information Security Analyst

Harness serves as the missing link between how we spend and what we believe in. Our financial technology platform connects consumers with nonprofits, financial institutions, and brands, helping consumers’ everyday spending to be a true representation of who they are—an ongoing vote for the world they want to live in.

At Harness, our team is made up of unique individuals who: 

Think Bold
Solve for Big Ideas
Collaborate
Lead with Passion

Want to be part of our mission?

About the role

We are seeking a highly motivated Information Security Analyst to join our growing security team. This role will run internal IT security, lead our SOC 2 Type 2 compliance efforts, and manage 3rd party security reviews and pentests. You will play a key role in ensuring the security of our platform, maintaining compliance with industry standards, and responding to customer security inquiries. This is a great opportunity for someone looking to contribute their expertise in security operations and compliance and develop into a CISO through leadership exposure and mentorship.

What you'll do

Internal IT Security

• Own and manage all internal IT security-related issues, ensuring a secure and resilient IT infrastructure including device management, access controls, and monitoring.
• Strengthen security operations and risk management
• Work closely with engineering to ensure secure infrastructure and application development.
• Perform security audits on internal IT systems and vendors to ensure compliance with best practices.

SOC 2 Type 2 & Risk Management

• Lead efforts to maintain and enhance SOC 2 Type 2 compliance [previous audit experience preferred, but not required].
• Assist in developing and enhancing Governance, Risk, and Compliance (GRC) processes and tools.
• Own the completion of customer security questionnaires, ensuring clear and accurate responses.

Security Policy Development & Incident Response

• Review industry cybersecurity frameworks and enhance relevant controls.
• Propose, draft, and update security policies and procedures.
• Assist in incident response efforts, including forensic analysis and mitigation strategies.

Qualifications

• Experience: 5+ years of experience in cybersecurity, information security, or a related field.
• Education: A degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.
• Technical Knowledge: Familiarity with cybersecurity frameworks (SOC 2, NIST, ISO 27001, CIS, etc.), risk assessment methodologies, and vulnerability management.
• Skills: Strong analytical and problem-solving skills, ability to assess and mitigate security risks, and familiarity with security automation tools.
• Certifications (Preferred): Security+, CISSP, CISA, CEH, or other relevant security certifications.
• Communication: Strong verbal and written communication skills to document findings and collaborate with cross-functional teams.

Work Location & Availability:

This is a fully remote position, but candidates must be available to work during Eastern Standard Time (EST) hours to align with the team operations. While we welcome applicants from across the United States, preference will be given to those based near Tampa, FL, or Southeastern U.S. for occasional in-office collaboration as needed. 

Compensation & Eligibility
This position offers a competitive salary rate of $80,000 - $100,000, determined based on job-related skills, experience, qualifications, work location, and market conditions. Candidates must be legally authorized to work in the United States. 

Why Join Us?

At Harness, you’ll be part of a mission-driven team that values bold thinking, collaboration, and passion. As an Information Security Analyst, you’ll have the opportunity to contribute and grow your expertise while working with cutting-edge technologies and a supportive, innovative team. Join us in building a safer, more secure future and making a meaningful impact on our mission to connect everyday spending with the world we want to live in.