Listing Description
Senior Security Analyst - Governance Risk and Compliance (GRC)
This position can be located in New York, NY / Pittsburgh, PA / Bay Area, CA
COMPANY OVERVIEW
A “Magic Quadrant” leader, Ivalua’s solutions work in a complex global economy. Our innovative Source-to-Pay solutions include automating customized workflows to source, contract, request, procure, receive, and pay for goods and services across the enterprise, refining the procurement lifecycle while reducing cost and risk of spending on indirect goods, direct goods, and services, and improving supplier collaboration.
All companies want the best and brightest. At Ivalua, we also want team members who have a global point of view and who bring customer-focused enthusiasm and ambition to the table. We are a company of doers, of problem solvers, of figure-it-outers. We have fun and we work hard. Ivalua is a truly global company with a diverse team of contributors and a set of core values that people can feel every day across all our offices.
Our team works hard, plays hard, and enjoys our ping-pong tournaments at lunchtime! We are passionate, creative, focused, and collaborative.
Key Responsibilities:
- Lead various security audits, certifications, and self-assessments, including SOC1/SOC2, HIPAA, NIST 800-53, ISO27001, PCI, FedRAMP, etc.
- Coordinate and manage customer security audits
- Coordinate and manage self-initiated security/access audits
- Lead and manage the Security Awareness and Training program
- Lead and perform Vendor Security Assessments
- Own and manage InfoSec-related policies, standards, and plans
- Assist the sales and bid-desk team in effectively responding to prospects' InfoSec questions
- Work closely with IT and Business functions to enhance and test the Disaster Recovery and Business Continuity Program
- Work closely with the IT and Security Operations team to enhance and test the Security Incident Response Plan
Skills, Abilities, Experience & Qualifications:
- Bachelor’s Degree in a related field or equivalent experience
- Strong working knowledge of a broad range of audit and Information Security frameworks
- Experience in executing audits against some of the InfoSec frameworks such as NIST 800-53, ISO27001, PCI, FedRAMP, SOC1/SOC2 and HIPAA
- Excellent interpersonal, communication and organizational skills
- Relevant audit and/or Information Security certifications (e.g., CISSP, CISA, CISM, CRISC) are desired
- Team player with the ability to interface effectively with a broad range of individuals and roles, including IT and vendors
- High degree of initiative, dependable and able to work well with limited supervision
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided