Security Analyst

Summary

Join Sardine's IT and Security Team as a Security Analyst, contributing to both Security Operations (SOC) and Governance, Risk, and Compliance (GRC). This role blends hands-on threat detection with strategic risk management, requiring monitoring, analyzing, and responding to security incidents. You will collaborate with auditors and internal teams to support compliance efforts and security reviews. The position demands strong analytical, problem-solving, and communication skills. Sardine offers a remote-first work culture and a comprehensive benefits package.

Requirements

• 3+ years of experience handling security challenges in a high-growth environment
• Strong understanding of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2)
• Knowledge of relevant regulations and compliance requirements (e.g., HIPAA, PCI DSS, GDPR)
• Working knowledge of MacOS
• Familiarity with risk assessment methodologies and frameworks
• Experience in developing and implementing security policies, standards, and procedures
• Strong analytical, problem-solving, and incident response skills
• Excellent communication and interpersonal skills, with the ability to effectively interact with technical and non-technical stakeholders

Responsibilities

• Develop, implement, and maintain security policies, standards, and procedures in line with regulatory requirements (e.g., NIST, ISO 27001, HIPAA, PCI DSS, GDPR)
• Conduct risk assessments to identify and mitigate threats to information assets
• Monitor and report on compliance, tracking the effectiveness of security controls
• Manage security audits, coordinate with external auditors, and address findings
• Maintain security documentation and ensure alignment with evolving regulations
• Provide security awareness training and support incident response planning
• Monitor SIEM systems and security tools for threats and vulnerabilities
• Investigate and respond to security incidents, documenting analysis and remediation steps
• Perform vulnerability scanning, penetration testing, and security assessments
• Collaborate with IT teams to implement security controls and remediate risks
• Stay informed on emerging threats and contribute to threat intelligence initiatives
• Participate in incident response exercises and develop security reports for management

Benefits

• Generous compensation in cash and equity
• Early exercise for all options, including pre-vested
• Work from anywhere: Remote-first Culture
• Flexible paid time off, Year-end break, Self care days off
• Health insurance, dental, and vision coverage for employees and dependents - US and Canada specific
• 4% matching in 401k / RRSP - US and Canada specific
• MacBook Pro delivered to your door
• One-time stipend to set up a home office — desk, chair, screen, etc
• Monthly meal stipend
• Monthly social meet-up stipend
• Annual health and wellness stipend
• Annual Learning stipend
• Unlimited access to an expert financial advisory