Jump

Security Compliance Analyst

  • Security
  • Full-time
  • UT
  • Remote friendly
  • 60K - 90K USD a year

Posted on June 18, 2025

About Us

Jump is a rapidly scaling company backed by top VCs and trusted by thousands of financial advisors. We're growing quickly and building the infrastructure to support our next stage of growth.

The Opportunity

As our Security Compliance Analyst, you will be the crucial bridge between our world-class security program and our customers. This is not a typical, back-office compliance role. You are a security expert who thrives in a customer-facing capacity, using your deep technical knowledge to build trust, accelerate sales cycles, and embed security into the fabric of our customer relationships. 

What You'll Do

  • Customer Trust & Sales Enablement:

    • Lead our security response process, acting as the primary subject matter expert for all security, privacy, and compliance inquiries from prospects and customers.

    • Take ownership of completing customer security questionnaires, DDQs, and RFPs with accuracy and timeliness, directly supporting the Sales team in overcoming security hurdles.

    • Partner with the Sales team on customer calls, confidently articulating our security and compliance posture to CISOs, security architects, and other technical stakeholders.

    • Collaborate with our Legal team to review and negotiate security-related terms in customer contracts.

    • Develop and maintain a library of security collateral, including pre-approved responses and documentation, to enable the sales process at scale.

  • GRC & Audit Management:

    • Manage and maintain our compliance with key industry frameworks, including SOC 2 and ISO 27001.

    • Coordinate and participate in all internal and external security audits, acting as the primary liaison with auditors and managing the evidence collection process.

    • Develop, maintain, and update our information security policies, standards, and procedures to align with best practices and regulatory requirements.

    • Contribute to our information security risk management program, including conducting risk assessments and maintaining our risk register.

  • Vendor Risk Management & Technology:

    • Serve as the primary administrator and expert for our Vanta Trust Management Platform, leveraging it to automate compliance monitoring and reporting.

    • Manage our end-to-end third-party risk management (TPRM) program within Vanta, from initial due diligence and risk assessment of new vendors to continuous monitoring.

    • Conduct thorough security reviews of our vendors' compliance postures, including analyzing their SOC 2 reports and other certifications.

    • Use Vanta to track and drive the remediation of any identified vendor-related risks.

What We're Looking For

  • 2 to 3+ years of proven experience in Information Security, GRC, IT Audit, or a related field, preferably within a B2B SaaS or cloud-native environment.

  • Deep, practical knowledge of security frameworks, specifically SOC 2, CCPA and ISO 27001.

  • Strong understanding of security principles in cloud environments (AWS, GCP, or Azure).

  • Direct, hands-on experience administering and using Vanta for compliance and vendor risk management.

  • Demonstrable experience partnering with Sales teams, completing security questionnaires, and communicating directly with customers on security topics.

  • Exceptional verbal and written communication skills, with the ability to make complex topics understandable to both technical and non-technical audiences.

  • A proactive, collaborative, and customer-centric mindset with meticulous attention to detail.

Not Required, But a Plus

  • Professional certifications such as CISSP, CISM, CISA, or CRISC.

  • Experience with additional frameworks like HIPAA, PCI DSS, or GDPR.

  • Familiarity with security tools like SIEM platforms.