Security Analyst


Singapore City, SG
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 04/16/2021
  • Website:
  • Company Address: 690 5th Street San Francisco, CA, San Francisco, CA, 94107

About UserTesting

UserTesting is an on-demand human insight platform that quickly gives companies a first-person understanding of how their target audience behaves throughout any experience and why.

Job Description

UserTesting was founded in 2007, and is backed by world class VCs: Accel, Greenspring, Insight Partners, and OpenView. In 2020, we crossed $100M in revenue, and are accelerating our international growth from our San Francisco headquarters. UserTesting is now present in 12 countries, with regional offices in Atlanta, Edinburgh, Singapore, and Oslo. Today, more than 2,000 organizations in 45 countries use the UserTestingⓇ Human Insight Platform to make more informed, customer-first decisions at scale.

Choosing to join our team means being part of a passionate group focused on transforming the way companies learn about their customers and build better products and experiences. Using our powerful software combined with the industry’s largest and most diverse panel of test participants, our customers can quickly target their audience and receive think-aloud video feedback from real people sharing their thoughts to your questions. UserTesting’s industry-leading platform enables companies to get rapid feedback on all types of customer interactions and experiences: websites, mobile apps, prototypes, campaigns, real world experiences, and more! A recent Forrester study found the ROI of using UserTesting to be 655%!

We’re proud that this is our third year of being honored as an Inc. Best Workplace and a Fortune Best Workplace in the Bay Area, along with having received a variety of additional workplace and corporate growth awards. We’ve made a commitment to build and develop a diverse workforce that reflects the labor markets in which we operate. We actively look to add amazing people to our team who will bring diversity across many lines, including race, ethnicity, religion, sexual orientation, age, marital/family status, disability, gender identity, sex, and country of origin, in addition to bringing a variety of backgrounds, interests and opinions.  At the end of 2020, our global team was 43% women and 36% minority; in the U.S., our underrepresented minority population was 16%. In the last year, we’ve had more than a third of our employees take on new roles within UT.  We do everything we can to make UserTesting a place where you feel you belong and are empowered to do the best work of your career.

About the team:

The Office of Information Security is a small team of dedicated professionals charged with the responsibility of overseeing security at UserTesting.  UserTesting customers trust us to keep their work confidential and to obey international privacy laws.  We work cross functionally with almost every team in the company to ensure that appropriate policies are established and followed, risks are managed, and incidents investigated and mitigated. We thrive in the company culture that rewards collaboration, diligence, hard work and focusing on getting better. 

The Opportunity:

Join our passionate information security team and help us drive cutting edge security technologies and be part of exciting security projects and initiatives for a high growth and fast-moving SaaS company that’s devoted to data protection and believes our customers should be able to see, hear and talk to their customers to EMPATHIZE & UNDERSTAND their perspectives and gain fast feedback and insights to make decisions at the speed of business today. 

  • Assist customers in understanding and evaluating UserTesting's security profile
  • Identify and communicate current and emerging security threats  
  • Identify security gaps in existing and proposed technologies and recommend changes or enhancements
  • Assist in developing and maintaining enterprise information security policies, technical standards, guidelines, and procedures.
  • Assist in the process of conducting risk assessments of internal/external applications and solutions, ensuring adherence to regulations, policies, and frameworks
  • Assist in the process of conducting vendor information security risk reviews and communicate the results.
  • Review security language in contracts, work orders and other customer agreements to make sure it aligns with and can be met by company policies and practices.
  • Assist in maintaining compliance with internal controls and certifications 
  • Provide ongoing, up-to-date security awareness training.
  • Respond to security incidents and help keep track of post-incident tasks 
  • Participate in managing the phishing awareness and bug bounty programs
  • Contribute to the design and implementation of enterprise-class security systems.
  • Participate in internal audits and support external audits 

What We’re Looking For In This Role:

Two or more years of security experience, including: 

  • Implementing security controls, performing ongoing maintenance on security technologies, and prevent, detect analyze and respond to security incidents.
  • Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
  • Consulting in the development and design of security best practices and implementation of solid security principles across an enterprise organization.
  • Providing security and awareness training.

Experience with and knowledge of:

  • LANs, WAN, VPNs, Routers, firewalls, and IDS/IPS systems.
  • Knowledge of security vendor landscape for antivirus, data loss prevention, vulnerability scanning, and network security technologies.
  • Understanding of standards and frameworks such as Committee of Sponsoring Organizations of the Treadway Commission (COSO), Control Objectives for Information and Related Technology (COBIT), International Organization for Standardization (ISO), and National Institute of Standards and Technology (NIST).
  • Privacy regulations including Singapore’s Personal Data Protection Act (PDPA), the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). 

General skills include:

  • Strong communication skills (verbal and written)
  • Organizational skills, ability to multitask, strong attention to detail, excellent problem solving, and follow-up skills required. 
  • Work in a team environment and independently, make decisions and multitask effectively in a very diverse, project-oriented environment. 
  • Ability to complete high-quality deliverables and is a team player.
  • Provides extraordinary customer service. 
  • To learn and comprehend basic instructions, understand the meanings of words and respond effectively, and perform basic arithmetic accurately and quickly.
  • Critical thinking and analytical skills.
  • Demonstrated ability to identify risks associated with information security programs and technology projects.

Relevant experience, education, and certifications:

  • Minimum of two years of cumulative paid work experience in information security, information technology, or technology risk management related work.
  • Minimum of one-year college completed in coursework related to information security, engineering, mathematics, or a related area. An associate’s degree in an IT field is a plus, and a Bachelor’s degree in cybersecurity is an even more significant plus.
  • Holds an active certification from the International Information System Security Certification Consortium (ISC)² or the Information Systems Audit and Control Association (ISACA), or can pass the CISSP certification within 12 months of hire.

Why you’ll love working for UserTesting:

To learn more about our team, culture, and customers, check out our careers page, company blog, and press/awards. Aside from a great work environment and the opportunity to change the world, we’re also growing the team quickly - join us!

****UserTesting is an Equal Opportunity Employer and a participant in the U.S. Federal E-Verify program.  Women, minorities, individuals with disabilities and protected veterans are encouraged to apply.  We welcome people of different backgrounds, experiences, abilities and perspectives.  UserTesting will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance, as applicable.  Unfortunately, we are not currently hiring in the state of Colorado.

Related Jobs

Front-End Engineer

UserTesting - Vancouver City, British Columbia, CA

Solutions Consultant

UserTesting - Remote

Business Development Representative

UserTesting - Atlanta, GA, US

Solutions Consultant (West Coast)

UserTesting - Remote

Lead UX Writer

UserTesting - Atlanta, GA, US
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.