Jr. Risk Analyst - Trust and Assurance Group

Medallia’s mission is simple: to create a world where companies are loved by customers and employees alike. Hundreds of the world’s best-loved brands trust Medallia’s Software-as-a-Service application to help them capture customer feedback everywhere the customer is (on the phone, in store, online, mobile), understand it in real-time, and deliver insights and action everywhere—from the C-suite to the frontline—to improve their performance. Founded in 2001, Medallia is growing quickly with more than 1000 employees globally in Silicon Valley, New York, London, Paris, Sydney, Buenos Aires, Austin, Washington D.C., and Tel Aviv. 

The Role
The Security Risk and Compliance Analyst role is a key part of the Trust and Assurance Group and will be responsible for risk and compliance related activities at Medallia under the guidance of a senior or staff-level Risk and Compliance Analyst.  We are looking for a highly motivated, hands-on, and delivery-focused analyst that will contribute to Medallia’s information security practice.


  • Assist with maintaining security policies and standards, in collaboration with internal teams
  • Maintain the controls matrix, in alignment with multiple compliance frameworks
  • Help prepare for audits, gather evidence as needed, and follow up on open items
  • Identify issues and escalates through proper governance channels as needed
  • Support key business initiatives by identifying security and compliance related risks
  • Collaborate with teams across Medallia, to validate security controls are implemented and develop recommendations to remediate control deficiencies
  • Assist with the vendor governance program
  • Prepare status reports and updates for senior leadership
  • Develop employee facing technical documentation, internal wiki pages, periodic security oriented communication to spread awareness about Information Security policies and standards

Minimum Qualifications

  • Minimum 2+ years of experience in information security, compliance, and/or risk management
  • Familiarity with security policies and compliance frameworks
  • Familiarity with ISO 27001, SOC 2, HIPAA, FedRAMP and HITRUST
  • Excellent written and oral communication skills with an ability to effectively communicate security topics to a variety of audiences
  • Strong leadership capabilities, collaborative attitude and motivation to work in a fast paced startup environment
  • Negotiation skills needed to obtain commitments to remediate risks from leadership of other teams

At Medallia, we don’t just accept difference - we celebrate it and recognize the value it brings to our customers and employees. Medallia is proud to be an equal opportunity workplace and is an affirmative action employer. Equal opportunity and consideration are afforded to all qualified applicants and employees. We won't unlawfully discriminate on the basis of gender identity or expression, race, ethnicity, religion, national origin, age, sex, marital status, physical or mental disability, Veteran status, sexual orientation, and any other category protected by law.

Medallia is committed to working with and providing reasonable accommodation to applicants with disabilities in accordance with the American Disabilities Act and state disability laws.

Meet Some of Medallia's Employees

Natalie N.

Sales Development Representative

Natalie works on the Inside Sales Team to find new customers interested in partnering with Medallia. She helps these partners improve customer experience at their respective companies.

Shwetha S.

Senior Manager, Implementations

Shwetha works with a portfolio of Medallia clients to design and implement the best customer experience programs. She works to maximize client results and make a real change in their customer experiences.

Back to top