Sr. Information Security Analyst

A career that's the whole package

At Conga, we've built a community where our colleagues can thrive. Here you'll find opportunities to innovate and support growth through individual and team development, all within an environment where every voice is heard.

Conga accelerates the customer's journey to becoming a more connected and intelligent business. The Conga Advantage Platform is recognized worldwide for enhancing this journey, bringing together Configure, Price, Quote, Contract Lifecycle Management, and Document Automation capabilities on a single open platform. It integrates seamlessly with any ERP, CRM, and Cloud. Powered by a unified data model and purpose-built AI, Conga helps companies achieve a unique advantage—one built on seamless connection, actionable intelligence, and scalable growth.

Our approach is grounded in the Conga Way, a framework that reflects our values and drives everything from hiring to decision-making, as well as key programs including recognition. Created with direct input from our colleagues, the Conga Way forms the foundation of our vibrant culture. 

Job Title: Senior Information Security Analyst

Location: Waterloo, Canada. 

Hybrid: minimum 12 days per month in the office

Reports To: Director, Compliance and Information Security

A quick snapshot…..

Conga is seeking a seasoned Senior Information Security Analyst to help shape and maintain a robust information security program. In this role, you'll work closely with stakeholders across the company to identify and remediate security issues, promote awareness, and ensure compliance with legal, regulatory, and customer requirements. You'll be part of the Security & Compliance Team, but also operate independently, managing alerts, vulnerabilities, incident response, and risk assessments. Your day-to-day will involve hands-on security operations, cross-functional collaboration, and continuous improvement of security practices.

Why it's a big deal…..

This role is critical to protecting Conga's information assets and maintaining trust with customers and partners. By proactively managing threats, vulnerabilities, and compliance, you'll help safeguard the company's reputation and ensure business continuity. Your work directly supports Conga's strategic goals by enabling secure innovation, enhancing customer confidence, and fostering a culture of security awareness across the organization.

Related experience. You have 4–6 years of experience in information security, ideally with a focus on IT and product security. You have:

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or equivalent experience
• Strong knowledge of cloud security (AWS, Azure, GCP), DevSecOps, and secure SDLC
• Experience with application security and vulnerability management
• Knowledge of security/compliance frameworks (ISO 27001/27701, SOC, PCI, HIPAA)
• Understanding of privacy regulations (GDPR, CCPA, CPRA)

Strong communication and interpersonal skills. You're not just comfortable engaging in collaborative discussions, but initiating them, too. You are skilled at reading and adapting to different communication styles. When you speak you are clear and concise. Your strong listening skills foster connections with our clients and allow you to accurately collect the right information so you can resolve issues in the most expedient way.

Cross-Functional Collaboration. You know how to build strong relationships across Cloud Ops, Engineering and IT teams. teams. You communicate priorities, trade-offs, and goals clearly, helping both technical and non-technical stakeholders stay aligned and moving in the same direction.

Detail oriented.  Consistently ensures accuracy in security assessments, documentation, and incident response processes, minimizing risk and maintaining high standards of compliance.

Strong project management – able to prioritize tasks, manage multiple security initiatives simultaneously, and drive cross-functional collaboration to meet deadlines. Demonstrates ownership and accountability in delivering complex projects from planning through execution, ensuring alignment with business and compliance goals.

Monitor evolving threat landscapes – stay informed on internal and external security threats and trends, and proactively recommend mitigation strategies to strengthen Conga's security posture.

Here's what will give you an edge………….

• SaaS industry experience
• CISSP or other relevant certifications
  

#LI-AM1

#LI-Remote

Did we pique your interest?  

If this sounds like the kind of job you would love in the kind of environment where you would thrive, please click apply. We'd love to hear from you 

Preferred Resume Format 

We accept resumes in any format, we suggest using PDF or plain text. These formats help ensure that your resume's formatting remains intact, making it easier for our recruiters to review your application promptly. 

Don't meet every requirement for the role?   

Studies have shown that women and members of ethnic minorities are less likely to apply to jobs unless they meet every single qualification. At Conga we are dedicated to building a diverse, inclusive, and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You just might be the right candidate for this or other roles.  

Conga is proud to be an Equal Opportunity Employer and provides equal employment opportunities to all employees and applicants regardless of race, color, religion, gender, gender identity, age, national origin, disability, parental or pregnancy status, marriage and civil partnership, sexual orientation, veteran status, or any other characteristic protected by law. We understand interviewing can be stressful for those with disabilities. If reasonable accommodation is needed to allow you to show us your best self, please let your recruiter know as soon as possible. All your information will be kept confidential according to EEO guidelines. Conga is not open to third party solicitation or resumes for our posted FTE positions. Resumes received from third party agencies that are unsolicited will be considered complimentary.

Conga's Applicant Privacy Statement 

The information you provide during the application process will be used in accordance with Conga's Applicant Privacy Statement ). By submitting your application, you acknowledge and agree to the terms outlined in this privacy statement.