Senior GRC Associate at Red Ventures
At A Glance:
As a GRC Senior Associate, you will work closely with our business, legal, security, and technology teams to identify, measure and report on technology risk. You will work to ensure compliance with US and International laws, rules, standards, and contractual obligations. You should be passionate about security and the myriad of security standards and guidelines that large successful companies follow. You will have latitude to make decisions, teach, and collaborate with a broad group of bright and energetic people throughout the company.
What You’ll Do:
- Ensure compliance with company policies and standards, including regulatory, legal and contractual requirements, by providing ongoing support and advice to control owners and cross-functional teams on control design and effectiveness.
- Manage engagement with outsourced auditors, analyze evidence and facilitate walkthroughs to achieve key business certifications.
- Work with technology and business teams to develop, prioritize and document risk mitigation action plans, along with recommendations to reduce information security risk within their areas.
- Manage the remediation of security assessment findings and recommendations.
- Test information security controls, across multiple business processes and/or locations, ensuring implementation techniques meet the intent of organizational compliance frameworks and security requirements.
- Support multiple security GRC initiatives, as needed, including development of the company's security program, policies, and standards, implementation of security awareness programs, and development of metrics and reporting framework.
- Identify, assess, measure and monitor technology risk by performing hands-on, data-focused risk assessments, actively participating in all aspects of the risk management process.
- Identify opportunities for automation and integration of GRC programs, develop requirements and recommend solutions or products to meet the need.
What We’re Looking For:
- Excellent written and verbal communication skills; must be able to enhance documented security requirements, raise awareness of those requirements through multiple communication channels, as well as interface with all levels of the organization.
- Self-starter with the ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals, and communicate progress in a timely and meaningful manner.
- Experience identifying failures or inefficiencies in processes, conflicting business practices and integration issues, and providing alternative solutions.
- Experience with data analytics methodologies and tooling to support risk reporting, risk assessment and control testing.
- Hands-on experience performing security risk or compliance assessments (e.g., ISO 27001, PCI DSS, CIS 20 or similar) is a plus.
- Possess understanding of controls pertaining to cloud security and computing, system development lifecycle, and privacy (e.g., GDPR, CCPA).
Who We Are:
Founded in 2000, Red Ventures is a portfolio of growing digital businesses that bring consumers and brands together through integrated e-commerce, strategic partnerships and many proprietary brands including Bankrate, AllConnect.com and Reviews.com. Headquartered south of Charlotte, NC, Red Ventures has over 3000 employees in offices across the US, as well as London and Sao Paulo. For more information, visit www.redventures.com.
We offer competitive salaries and a comprehensive benefits program for full-time employees, including medical, dental and vision coverage, paid time off, life insurance, disability coverage, employee assistance program, 401(k) plan and a paid parental leave program.
Red Ventures is an equal opportunity employer that does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or any other basis protected by law. Employment at Red Ventures is based solely on a person's merit and qualifications.
We are committed to providing equal employment opportunities to qualified individuals with disabilities. This includes providing reasonable accommodation where appropriate. Should you require a reasonable accommodation to apply or participate in the job application or interview process, please contact [email protected]