Security Analyst, Compliance

We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry. This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us. THE ROLE At Pure Storage, Information Security is a foundational business priority. The Security team is a core engineering-focused group deeply embedded in ensuring the security of our corporate environment and Pure Storage services. We are dedicated to staying on the cutting edge of security technology and proactively addressing the evolving threat landscape. We are seeking a proactive, detail-oriented Security Analyst, Compliance to independently run compliance certification programs with minimal supervision and actively support the broader compliance efforts of the team. WHAT YOU'LL DO Execute and support compliance certification programs (e.g., SOC 2, ISO 27001, FedRAMP, Common Criteria), ensuring all security and regulatory requirements are met. Collaborate and maintain communication with cross-functional teams (e.g., Engineering, Legal, Product) and external auditors/stakeholders to ensure smooth project execution and successful outcomes. Assist and support internal teams through independent assessments and audits. Translate complex security and compliance controls into actionable technical solutions and implementation strategies. Develop, track, and report on key compliance metrics (KCMs), continuously driving process improvements to align with evolving industry standards and best practices. Author and maintain comprehensive compliance documentation, including control narratives, audit evidence, and supporting materials, ensuring they are accurate, up-to-date, and audit-ready. Independently drive on recurring tasks and events such as access reviews and vulnerability scanning across multiple business units with differing scopes. We are primarily an in-office environment and therefore, you will be expected to work from the Lehi, UT office in compliance with Pure’s policies, unless you are on PTO, or work travel, or other approved leave. WHAT YOU BRING 5+ years of experience in IT audit, risk management, or IT compliance roles, with demonstrated experience running compliance certification programs. In-depth understanding of security controls and key compliance frameworks (e.g., NIST, SOC2, ISO 27001, FedRAMP, FIPS, Common Criteria) as well as cloud platforms (e.g. AWS, Azure, GCP, etc.) Strong written and verbal communication skills, with the ability to engage effectively with both internal teams and external auditors. Ability to identify and recommend tools, processes, and software to improve and automate compliance practices. Security Operations or Engineering background preferred but not required Relevant certifications such as CISSP, CISA, or CISM, ISO/IEC 27001 Lead Implementer or Lead Auditor are preferred but not required. #LI-ONSITE #LI-TH3 Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations. This role may be eligible for incentive pay and/or equity. There is no application deadline and we accept applications on an ongoing basis until the job is filled. The annual base salary range is: $110,000 $165,000 USD WHAT YOU CAN EXPECT FROM US: Innovation : We celebrate those who think critically, like a challenge, and aspire to be trailblazers. Growth : We give you the space and support to grow along with us and to contribute to something meaningful. We have been named Fortune's Best Workplaces in Technology™, Fortune's Best Workplaces in the Bay Area™, and certified as a Great Place to Work®! Team : We build each other up and set aside ego ... (truncated, view full listing at source)