Associate Security Analyst

Summary

Join Coconut Software as an Associate Security Analyst and play a key role in strengthening our information security and compliance posture. You will collaborate with various teams, support audits and compliance reviews, monitor security practices, manage risks, and contribute to security awareness training. This role requires 1–3 years of experience in information security or a related field, foundational knowledge of security concepts, and excellent communication skills. You will also assist in responding to third-party and customer due diligence inquiries and support GRC tool management. This is a fantastic opportunity for early-career professionals to grow their expertise and contribute to a dynamic SaaS environment.

Requirements

• 1–3 years of experience (including internships, coursework, personal projects, or open-source contributions) in information security, compliance, or related areas
• Foundational knowledge of: Logging/Monitoring and SIEM tools (e.g., Splunk)
• AV/MDM management
• Information security risk management
• Business continuity and disaster recovery (BCP/DRP)
• Compliance management frameworks
• Clear written and verbal communication skills, with the ability to explain technical findings in simple terms
• Familiarity with common compliance standards (e.g., SOC 2, ISO 27001, GDPR, CCPA, PCI DSS, CSA STAR)

Responsibilities

• Collaborate with teams across Site Reliability, Engineering, Development, HR, and more to align policies and practices with certifications and regulatory standards
• Support external audits, compliance reviews, customer due diligence requests, and assessments (e.g., SOC 2, ISO 27001)
• Assist in monitoring enterprise-level InfoSec and compliance practices and responding to security alerts
• Help identify and manage security risks, contributing to proactive solutions that improve our overall security posture
• Contribute to the development and delivery of security awareness training and compliance-related education for employees
• Draft, review, and update internal security and compliance policies, procedures, and standards
• Stay informed about evolving industry regulations and best practices to ensure our compliance efforts stay current
• Assist in responding to third-party and customer due diligence inquiries
• Support GRC tool management and help build a scalable risk and compliance framework

Preferred Qualifications

• Interest in audit management, third-party risk, and GRC tools
• A learning mindset and eagerness to explore new tools, especially AI-based solutions
• You've experimented with AI tools for work or fun, and you’re excited about deepening that knowledge to drive efficiency and innovation

Benefits

• "Cabana Days" - our version of a flexible work week !
• Ability to do your job in a supported, but still flexible environment
• Supported professional development, learning & career opportunities - be supported in your growth journey!
• Regular 1:1 coaching with your leader and regular connection to a passionate executive team
• Work in a team big enough for growth but lean enough to make a real impact
• A full range of benefits to keep you happy & healthy
• Competitive Salaries - we pay fairly based on experience and expertise, not your ability to negotiate!
• Health & Dental Benefits, Virtual Care, & Disability top up - all starting from day 1!
• Virtual mental health and EAP platform
• WealthSimple GRSP & Matching
• Annual Wellness Benefit ($1000 per year)
• Opportunity to work remote - anywhere in Canada!
• Employee Options - everyone shares in our success!
• Internet Subsidy on each paycheck
• Tiki Bucks Incentive Program - everyone is entitled to earn bonuses!