Security Analyst

Full Time
Bellevue, WA
Areas of Interest: Systems Security Analysis
report a problem

Are you ready to make a difference? Join us at Concur!
The global leader in cloud and mobile based travel & expense solutions

Concur, a part of SAP, imagines the way the world should work, offering cloud-based services that make it simple to manage travel and expenses. By connecting data, applications and people, Concur delivers an effortless experience and total transparency into spend wherever and whenever it happens. Concur services adapt to individual employee preferences and scale to meet the needs of companies from small to large, so they can focus on what matters most. The company serves more than 30,000 clients representing more than 27 million users in over 150 countries. 

Concur’s Security Analyst will be a key member in maintaining and administering information security policies, procedures, controls associated with the company’s compliance programs. 

The analyst will own strategic and tactical projects. These projects may include but are not limited to, external audits, development and/or assessment of internal controls, policies, risk identification and be a subject matter expert on all aspects of compliance and risk to the organization and its clients.

In the first 12 months you will deliver the following:


  • Lead SOC-1 and SOC-2 programs; 
  • Lead self-assessment programs for high risk products and functions; 
  • Contribute to supporting collaboration channels with product teams for better implementation of security and compliance controls within the system life-cycle; 
  • Develop processes and programs for update and maintenance of policies, procedures and controls associated with regulatory compliance for security, privacy and service management;
  • Mentor junior staff and interns
  • Scope compliance and/or audit programs to assess internal controls and technical processes against company policies and regulatory security and compliance requirements; 
  • Support responses to client security organization audits, questionnaires;
  • Support risk assessments across company departments, business units and operational locations

Position Requirements 

What do you need to bring?

  • 5+ years’ experience in the Certification and Accreditation (C&A) process with a full understanding of the System Development Life Cycle and SSAE16 process.
  • BS/MS in computer science or related field or equivalent work experience required
  • Strong Knowledge of SSAE16 security controls
  • Assist in development of a technical audit programs including designing templates, suggesting policy improvements, and aligning assessments to policies
  • Demonstrated ability to clearly focus on pragmatic solutions to practical problems
  • Ability to work independently in highly ambiguous environments
  • Risk and Compliance background specifically experience with the following regulatory controls: ISO 20000 and ISO 27001, SOX, PCI, SSAE16 (SOC-1 & SOC2), etc.
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Ability to work within a globally distributed organization
  • Excellent time management skills including the ability to prepare, prioritize, and complete work plans
  • Excellent verbal and written communication skills, including the ability to prepare documentation, policies, and build consensus across a broad group
  • Ability to work effectively and organize priorities independently
  • Ability to clearly and effectively communicate information security and compliance matters as well related risks to executives, auditors, and end users
  • CISSP or CISA certification 
Value Competencies:

Concur is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, religion, sex, protected veteran status, disability status, or any other characteristics protected by federal, state or local law. We are committed to hiring and valuing a global diverse work team.

Concur is a dynamic, growing and fast-paced organization.  As such, successful employees are able to work in a fast-paced environment, managing multiple priorities often times under tight deadlines.  This typically requires working a 40+ hour work week to accomplish performance objectives.  With that, Concur offers flexibility as to the specific working hours that may be required or available depending on your role.

Concur is a SaaS company.  Employees must be technically savvy with the ability to use the computer/keyboard and telephone to conduct business.  The ability to creatively problem solve to our core value of ‘Leadership through innovation in everything we do’.   Many positions within Concur are customer facing so written, verbal and interpersonal communications skills are required for a majority of opportunities with Concur.

Confidentiality and our core value ‘Personal and corporate integrity’ are critical components being that Concur is a publicly traded company and working towards building a great, enduring company.

Concur participates in E-Verify to confirm work authorization.

  • Displays passion for & responsibility to the customer
  • Hires, develops & rewards great people
  • Displays leadership through innovation in everything you do
  • Displays a passion for what you do and a drive to improve
  • Displays a relentless commitment to win
  • Displays personal & corporate integrity

Share this job:


Concur is the leading provider of spend management solutions and services in the world, helping companies of all sizes transform the way they manage spend so they can focus on what matters most. Through the Concur open platform, the entire travel and expense ecosystem of customers, suppliers, and developers can access and extend the Concur T&E cloud. Concur systems adapt to individual employee preferences and scale to meet the needs of companies of all sizes.

SaaS, Cloud computing, Integrated Travel & Expense Management
Visit Concur's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 1,001-5000