About Us
Decisions is a software development company headquartered in Virginia Beach, Virginia, USA, and it provides a no-code automation platform for all types of business processes. With the no-code automation platform, you can fix the customer experience, modernize legacy systems, ensure regulatory compliance, and automate anything in your business. We help people who know what to do, get it done, and change their world.
Role Summary
As a Compliance/Security Analyst, your daily work ensures organizational operations meet industry compliance standards to increase customer confidence in Decisions' platform, people, and processes. This role is directly responsible for collaborating with leadership, training employees on industry standards, developing policies, evaluating compliance, and communicating the security posture of Decisions with customers and Decisions leadership.
You will strive to elevate the security of customer data as well as internal systems and tools by fighting the status quo of “security theater” to extend our culture of safety and security as a lifestyle in all facets of our business.
Key Objectives
- Objective #1: Bolster Public Brand Trust
  - Eliminate internal and external threats to our business
  - Manage vulnerability scanning, reporting, and mitigation activities
  - Identify and understand current organizational policies and practices
  - Communicate with prospects, customers, and team members to continually increase confidence
  - Contribute to the timely completion of accurate customer security questionnaires
  - Observe and act as needed to advance our mission and who we are as an organization
- Objective #2: Drive Business Alignment
  - Steward a shared company culture of data security awareness
  - Serve as Incident Response Coordinator during threat events
  - Administer quarterly phish tests and implement remediation strategies
  - Partner with IT to maintain the principle of least privilege for accounts
  - Contribute to the org-wide Risk Register to proactively monitor, manage, and resolve business threats
  - Advise on developing and implementing new compliance policies and procedures as required
  - Collaborate with security champions within each department
  - Complete timely and accurate Cloud Cost reporting and SLA reporting requests
- Objective #3: Maintain Regulatory Adherence
  - Support real-time, collaborative audit readiness
  - Complete internal and external security and privacy audits (e.g., SOC 2, HITRUST, PCI DSS, ISO 27001)
  - Communicate with auditors and follow up on action items in a timely manner
  - Contribute to internal audits to assess operational and procedural compliance
  - Research industry regulations and policies
Specialized Experience or Skills
Required
- Technical adeptness and proficiency (if you’ve never used a computer, this is not the role for you)
- Experience prioritizing and completing multiple tasks on tight timelines
- Strong problem-solving skills as well as excellent process discipline, milestone management, and time management skills
- Ability to take in information and summarize the most important content
- Ability to listen attentively to others and communicate effectively both verbally and in writing
- Experience working on teams that require high levels of cooperation, flexibility, cross-group collaboration, and real-time response
- Ability to independently seek and find answers to complete tasks under narrow deadlines
- Attention to detail without losing sight of the big picture
Preferred
- IT (Helpdesk, Technical Support, SysAdmin) and/or Customer Service Experience
- CompTIA A+, Network+, and/or Security+
- Exposure to performing key Information Security operational activities
- Experience with EDR/XDR, IDS/IPS systems
- Experience contributing to internal and external audits (e.g., SOC 2, ISO 27000, PCI DSS, HITRUST, FedRAMP)
- Experience using Public Clouds (bonus points for Azure or AWS certifications)
- Other Industry certifications: CAP, CCSK, CISA, CCSP, CRISC, Linux+