-
View all jobs
Qu’s mission is to deliver world class enterprise software to help restaurant chains thrive in the face of increasing complexity, opportunities, and challenges.
Based in Rosslyn, VA, Qu is backed by leading Silicon Valley investors that have also backed Google, Uber, and Dropbox.
We are seeking an enthusiastic Information Security Compliance and Risk Analyst ready to join a talented, hard-working, and ambitious Infosec team.
What You’ll Do Here
As a key contributor to our security and compliance initiatives, you will apply a deep understanding of risk management principles and a strong command of global privacy regulations. You’ll bring hands-on experience in designing, implementing, and auditing comprehensive compliance programs aligned with leading industry standards, including PCI DSS, SOC 2, ISO 27001/27002, and the NIST Cybersecurity Framework. In this role, you will work cross-functionally with internal stakeholders to enhance the organization’s security posture, ensure adherence to data protection requirements, and drive ongoing improvements in response to evolving regulatory and industry demands.
Responsibilities
Based in Rosslyn, VA, Qu is backed by leading Silicon Valley investors that have also backed Google, Uber, and Dropbox.
We are seeking an enthusiastic Information Security Compliance and Risk Analyst ready to join a talented, hard-working, and ambitious Infosec team.
What You’ll Do Here
As a key contributor to our security and compliance initiatives, you will apply a deep understanding of risk management principles and a strong command of global privacy regulations. You’ll bring hands-on experience in designing, implementing, and auditing comprehensive compliance programs aligned with leading industry standards, including PCI DSS, SOC 2, ISO 27001/27002, and the NIST Cybersecurity Framework. In this role, you will work cross-functionally with internal stakeholders to enhance the organization’s security posture, ensure adherence to data protection requirements, and drive ongoing improvements in response to evolving regulatory and industry demands.
Responsibilities
- Support the development, implementation, and enforcement of information security policies, standards, procedures, and controls to meet legal, regulatory, and contractual obligations.
- Assist in evaluating the organization’s existing IT architecture against applicable security frameworks (e.g., NIST CSF, NIST 800-53) to ensure compliance and identify areas for enhancement.
- Oversee and support the implementation of compliance controls and operational processes aligned with recognized security frameworks and best practices.
- Plan and execute regular internal audits to ensure ongoing compliance with key security standards such as PCI DSS, SOC 2, and ISO/IEC 27001.
- Enhance and maintain a comprehensive Risk Management and Incident Response framework to ensure effective identification, mitigation, and response to security threats.
- Conduct audits and assessments to validate adherence to data protection policies and ensure alignment with global privacy and data protection regulations.
- Design and deliver privacy and security training programs, including awareness campaigns to foster a security-conscious culture across the organization.
- Monitor regulatory developments and maintain compliance with evolving privacy laws, including but not limited to CCPA, GDPR, PIPEDA (Canada), and LFPDPPP (Mexico).
- Bachelor's degree in Information Security, Computer Science, or a related field.
- Minimum of 3-5 years of experience in Information Security, with a focus on GRC, PCI DSS, SOC 2, ISO 27001, and privacy regulations.
- Knowledge in privacy regulations and data protection laws in the USA (e.g., CCPA, Texas Act), Canada (e.g., PIPEDA), and Mexico (e.g., LFPDPPP).
- Experience with risk management practices, security audits, and compliance frameworks, including but not limited to NIST, OWASP, SANS, ISO-27001/2, and Cloud Security Alliance.
- Strong attention to detail and the ability to work independently.
- Excellent problem-solving skills with a proactive attitude toward risk mitigation.
- Strong ethical standards and commitment to data security and privacy.
- General knowledge of cloud environments.
- Experience working with Governance Risk and Compliance technologies.
- Experience implementing Data Privacy Technologies.
- Certifications such as CISA, ITIL Expert, Certified Governance Risk and Compliance (CGRC)
Key Skills
Ranked by relevance
nist
pci dss
dss
cloud
incident response
security audits
cloud security
cybersecurity
owasp
gdpr
cisa
itil
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Sr Cloud Engineer | Infrastructure & Networking | Europe remote
2026-06-17
Full-time
Not Applicable
Austria
Software Development
Engineering
View Job Details
Related
Junior Consultant (all genders) Cyber Security - Studentjob.at
2026-06-17
Full-time
Not Applicable
Austria
Software Development
Consulting
View Job Details
Related
Information Technology Project Manager
2026-06-16
Full-time
Mid-Senior
Belgium
Software Development
Information Technology
Login to Apply
- Posted
- Jul 18, 2025
- Type
- Contract
- Level
- Entry
- Location
- Argentina
- Company
- Qu
Industries
Software Development
Categories
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Sr Cloud Engineer | Infrastructure & Networking | Europe remote
2026-06-17
Full-time
Not Applicable
Austria
Software Development
Engineering
View Job Details
Related
Junior Consultant (all genders) Cyber Security - Studentjob.at
2026-06-17
Full-time
Not Applicable
Austria
Software Development
Consulting
View Job Details
Related
Information Technology Project Manager
2026-06-16
Full-time
Mid-Senior
Belgium
Software Development
Information Technology