This job posting is no longer available

Senior Information Security Analyst

LucaNet
  • US
    New Bremen, Ohio, United States

About

About Us
Lucanet is the CFO Solution Platform built for modern finance & tax teams, offering an integrated suite of solutions to simplify and automate their most critical finance processes. More than 6,000 companies around the world rely on our easy‑to‑use, out‑of‑the‑box SaaS platform—from consolidation and financial planning to tax compliance and reporting, ESG reporting, banking and cash management, and more. PE‑backed and growing our footprint across global markets. Behind the platform is a global team of 850+ people who care about doing the work well. We challenge each other to push boundaries, move fast without cutting corners, and build solutions that genuinely change how finance & tax leaders operate. If you’re looking for a place where your work has real reach—and where your growth is part of the deal—this is it.
The Role
This is a new role created because commercial success is driving more security scrutiny than ever: more enterprise deals, more due diligence, more regulatory expectations. We’ve invested heavily in automation (including agentic AI tooling that handles the bulk of RFP responses), we run mature ISO 27001 and SOC 2 programmes, and we’re already underway with ISO 42001 for AI governance. None of this is broken; it needs to go further.
What we need is someone who can handle the last mile: the nuanced security questions that can’t be answered by automation alone, the edge cases that require judgement, the conversations with customers and auditors where clarity and credibility matter. Someone who takes what’s already working and makes it sharper, broader, and more scalable.
This role sits within the Information Security function and works across engineering, SRE, product, and go‑to‑market teams. You won’t just maintain what exists—you’ll push it forward.
What you’ll do
Security assurance & ISMS governance: own the continuous improvement of Lucanet’s control environment—maintaining and maturing the ISMS, strengthening ISO 27001 and SOC 2 processes, and ensuring audit‑readiness remains a permanent state rather than a periodic effort.
Customer trust— the last mile: own what comes after the agentic RFP tooling, handling complex follow‑up questions, assurance calls, and edge‑case scenarios, and refining the knowledge base that feeds automation.
Compliance‑as‑code beyond CI/CD: expand compliance checks into continuous audit monitoring, automated evidence collection for certification cycles, real‑time compliance reporting, and programmatic control validation across infrastructure and operations.
AI security & governance: drive the AI security playbook forward, working on data lineage, model risk, prompt injection defences, and alignment with the EU AI Act.
Third‑party risk: own vendor security assessments, evaluating the risk posture of suppliers and partners and ensuring contractual security requirements are met.
Pragmatic risk management: assess and communicate security risks in a way that enables decisions, applying risk frameworks with commercial awareness.
Vulnerability management: collaborate with engineering and SRE to prioritise and track remediation of vulnerabilities, ensuring findings from scanners, pen tests, and bug bounties are closed systematically.
What you bring to the table
Required
3+ years in information security with a focus on GRC.
Working knowledge of ISO 27001 and at least one of SOC 1, SOC 2, or C5.
Ability to translate security controls into language that sales teams, customers, and executives can act on.
Hands‑on experience with an ISMS.
Familiarity with modern development environments: Git, CI/CD, cloud infrastructure (AWS/Azure/GCP).
A default towards automation.
Strong written and spoken English. German is a plus but not required.
Strongly Valued
Experience with compliance‑as‑code approaches.
Exposure to AI governance, AI risk management, or the emerging regulatory landscape around AI.
Experience with tools in our stack: Vanta, Orca Security, Aikido Security, GitHub Actions.
Track record of reducing manual compliance overhead through tooling, templates, or process redesign.
Experience in a B2B SaaS or financial software environment.
Relevant certifications such as CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer.
Curiosity about AI and a willingness to use it in your own workflows.
You Don’t Need to Have
Done everything on this list—preferably someone who’s built three of these capabilities brilliantly.
Prior experience in financial software—domain knowledge will be picked up quickly.
Inclusive Workplace
We are dedicated to creating an inclusive workplace where all employees can thrive and feel valued. Our recruitment process is solely based on qualifications, merit, and organizational needs, ensuring fairness and equal opportunities for all candidates. Please avoid including personal details such as picture, age, or marital status in your application.

Language skills

  • English