Lead IT Security Analyst

Job Description

Job Title: Lead IT Security Analyst

Function: IT

Position Type: Full-time

Position Level: Senior

Location: Denver, CO

Travel Requirements: <10%

Lead IT Security Analyst

Named among the best workplaces in the U.S. by Great Place to Work five times, honored on FORTUNE Magazine’s inaugural list of the 100 Best Workplaces for Millennials, and chosen as the “Market Leader in Incentive Compensation” by CRM magazine, Xactly is proud to be disrupting the incentive compensation market space. We’re building a culture of success and are looking for motivated professionals to join us!

As a Lead IT Security Analyst in Xactly’s Denver office, you will be responsible for working with internal staff and Information Security to establish and enforce information security best practices, protect internal systems, improve processes and information security controls. We are seeking someone who wants to make a real impact with a rapid growth software company who is excited to tackle new challenges and opportunities while acting as an articulate team player who is passionate about information security and is excited to spread the Xactly love.

Not only do we offer strong growth opportunities for top performers, but we also have a top-notch culture, benefits (check them out below) and more.  Our strong C.A.R.E. values – Customer Focus, Accountability, Respect & Excellence – guide our every move, allowing us to be a leader in the incentive compensation & performance management market. We set the example with excellent customer experience and deliver an award winning SaaS (Software-as-a-Service) product!

Read all about us at www.xactlycorp.com!


  • ●Security Infrastructure – Support components of the security infrastructure.
  • ●Security Awareness – Update security awareness training, communications, and resources.
  • ●Security Consultation – Resolve internal questions related to security issues, vendors, solutions, or applications.
  • ●Security Assessment – Review a specific vendor or solution and define security requirements to gain security approval to use at Xactly.
  • ●Security Testing – Perform penetration tests, threat analysis, and environment analysis.
  • ●Security Compliance   – Assist with compliance activities for SOX or other audits. Includes such activities as Quarterly access reviews.
  • ●Security Policies – Create or update security policies, procedures, standards, and guidelines as necessary.
  • ●Incident Response – Provide tier 2 analytical support to the monitoring team, and respond to security incidents, draft incident reports, note lessons learned.Required Skills:
  • ●Requires 5 years in Information Security and minimum 5 years working in Information Technology
  • ●Experience working in a SaaS company while supporting SOX compliance initiatives
  • ●Analytical and problem-solving skills, with an ability to assimilate, analyze and correlate large amounts of forensic data from various network, operating system, application, and security devices, logs, and alerts
  • ●Project and program management experience with a business focus
  • ●Ability to multi-task, able to provide strategic and tactical direction for the IT security program
  • ●Understanding and experience in networking concepts and services such as VPNs, firewalls, 802.1x, etc
  • ●Provide strategic and tactical direction for the internal security program
  • ●Identify security product/process gaps and implementation of enhancements/resolutions
  • ●Review and/or approve changes to critical business systems and applications in line with customer, regulatory, and industry standards and requirements
  • ●Perform security reviews of vendors to ensure compliance with policies and customer requirements
  • ●Provide evidence for audits (SSAE16, SSAE18, SOC 2 Type 2, SOX)
  • ●GRC (governance, risk, compliance) and various security standards and regulatory frameworks (SOC1 and SOC2, GDPR, Privacy Shield, CSA)
  • ●Securing data stored in third-party cloud apps (i.e. Box, Google)
  • ●Creating and maintaining policies, standards, and procedures
  • ●Experience with incident response, disaster recovery, and business continuity planning
  • ●Experience auditing backend infrastructure including switches, routers, firewalls, proxy servers, and enterprise systems and storage solutions
  • ●Experience with intrusion detection and prevention (network and host-based) tools, security event and information management tools, and network and system forensics tools
  • ●Experience in deployment and management of applied IT security technologies and tools such as two-factor authentication, data loss prevention (DLP) technologies, network access control, centralized endpoint protection, and content filtering
  • ●Knowledge of current penetration testing and vulnerability assessment tools and techniques for hosts, applications, web applications, and network devices
  • ●Excellent customer service, time management, and organizational skills
  • ●Proactive approach, determined, cooperative, analytical demeanor
  • ●Ability to speak truth to leadership and learn quickly
  • ●High degree of personal integrity and professionalism
  • ●Excellent communication skills
  • ●Works effectively with minimal supervision in a collaborative environment
  • ●Able to adapt to a constantly changing environment
  • ●Security and/or technical certification a plus
  • ●Bachelor’s degree in Computer Science, Management Information Systems or a related field or the equivalent in applicable technical and/or help desk trainingPreferred Skills:


    Benefits and Perks

  • ●Flexible Time Off (FTO)
  • ●Comprehensive Insurance Coverage (including pet insurance!)
  • ●Tuition Reimbursement
  • ●XactlyFit Gym/Fitness Program Reimbursement
  • ●Kitchen Stocked Daily with Tasty Snacks, Fruit, and Drinks
  • ●Access to Corporate Discounts
  • ●Free Parking & Commuter Benefits
  • ●Up to (3) Days Paid Leave to Participate in Community & Volunteer Opportunities
  • ●End of Month Surprises, Contests, BBQs, Parties & Reward Vacations
  • ●401(k) Retirement Savings Plan & Employer Match
  • ●CASB, SIEM, firewall, JIRA, identity vault, etc. tools

About Xactly Corporation

Xactly is a leading provider of enterprise-class, cloud-based, incentive compensation solutions for employee and sales performance management. We address a critical business need: To incentivize employees and align their behaviors with company goals. Our products allow organizations to make more strategic decisions, increase employee performance, improve margins, and mitigate risk. Our core values are key to our success, and each day we’re committed to upholding them by delivering the best we can to our customers.

Xactly is proud to be an Equal Opportunity Employer. Xactly provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, pregnancy, sexual orientation, or any other characteristic protected by law.

We do not accept resumes from agencies, headhunters, or other suppliers who have not signed a formal agreement with us.


Leave a Reply