IT Security Compliance Analyst

About Boomi and What Makes Us Special

Are you ready to work at a fast-growing company where you can make a difference? Boomi aims to make the world a better place by connecting everyone to everything, anywhere. Our award-winning, intelligent integration and automation platform helps organizations power the future of business. At Boomi, you'll work with world-class people and industry-leading technology. We hire trailblazers with an entrepreneurial spirit who can solve challenging problems, make a real impact, and want to be part of building something big. If this sounds like a good fit for you, check out boomi.com or visit our Boomi Careers page to learn more.

How You'll Make An Impact

Boomi is looking for a detail-oriented, technically savvy Security Compliance Analyst to join our Governance, Risk, and Compliance (GRC) team. In this role, you will manage the lifecycle of security audits, perform internal assessments, and ensure our cloud infrastructure remains compliant with international and regional frameworks. You will help translate complex regulatory requirements into actionable technical controls for our DevOps and Engineering teams.

What You'll Do

• Audit Management: Lead the preparation, execution, and remediation phases for global audits including SOC 1/SOC 2, ISO 27001/27701, and Cyber Essentials Plus.
• Public Sector Compliance: Maintain Boomi's FedRAMP authorization status (Moderate/High) and support Australian government requirements via the IRAP framework.
• Continuous Monitoring: Perform regular internal gap analyses and "mock audits" to ensure controls are operating effectively throughout the year, not just during audit windows.
• Stakeholder Collaboration: Work closely with Engineering, Legal, and HR to document processes and evidence that satisfy security control requirements.
• Risk Assessment: Identify and communicate security risks associated with third-party vendors and internal architectural changes.
• Evidence Collection Automation: Drive initiatives to automate compliance evidence collection to reduce "audit fatigue" across the technical organization.

The Experience You Bring

• Experience: 4+ years in IT Audit, Information Security, or Compliance, specifically within a SaaS or Cloud Service Provider environment.
• Framework Expertise: Deep functional knowledge of SOC 2, ISO 27001, and NIST 800-53 (FedRAMP).
• Technical Literacy: Ability to understand cloud infrastructure concepts (AWS/Azure) and explain security controls related to IAM, encryption, and vulnerability management.
• Communication: Exceptional ability to translate "auditor-speak" into technical requirements for developers.

Bonus Points If You Have

• Certifications: CISA, CRISC, CISM, or CISSP
• Familiarity with international standards like IRAP or Cyber Essentials is highly preferred.
• Familiarity with the following services: Knowbe4, SafeBase, Ascend, Blue Herring, and/or Jira

Aren't sure if you're a match? We know that impostor syndrome and the confidence gap can prevent us from meeting spectacular candidates — so don't hesitate to apply; you could be the perfect fit!

Location
Hybrid - Conshohocken, PA

Compensation and Benefits

Boomi is committed to fair and equitable compensation practices. Base compensation for this position in our corporate headquarters in Conshohocken, PA ranges from $110,179-150,954 . Final compensation will be determined by various factors including the candidate's knowledge, skills, experience, and geographic location. An overview of our benefits can be found here.

Be Bold. Be You. Be Boomi. We take pride in our culture and core values and are committed to being a place where everyone can be their true, authentic self. Our team members are our most valuable resources, and we look for and encourage diversity in backgrounds, thoughts, life experiences, knowledge, and capabilities.

All employment decisions are based on business needs, job requirements, and individual qualifications.

Boomi strives to create an inclusive and accessible environment for candidates and employees. If you need accommodation during the application or interview process, please submit a request to [email protected]. This inbox is strictly for accommodations, please do not send resumes or general inquiries.