Signify is hiring a
Security Risk Associate

Logo of Signify

Signify

πŸ’΅ $60k-$85k
πŸ“Remote - United States

Summary

Join our team as a Security Risk Associate and contribute to maintaining and advancing our commitment to cybersecurity, providing assurance to our customers and stakeholders.

Requirements

  • You must have a passion for security work
  • Display highly organized, interpersonal, and communication soft skills
  • Have at least 1+ years experience participating in at least one of audit type: PCI-DSS, ISO 27001, SOC2, SOX 404(b), or similar
  • Have 1-3 years of experience in a security program analyst or GRC-related role
  • Have at least 1+ years of experience conducting and responding to customer security assessments and audits
  • Ideal candidates will possess college degree and/or related professional certifications such as BS in business or information technology, CISA, CISM, CISSP, or similar
  • Familiarity with additional security frameworks, privacy regulations, and standards (such as NIST, SIG, GDPR, CCPA) is an advantage

Responsibilities

  • Facilitate the review and updates of security related policies and procedures
  • Contribute to ongoing security and compliance risk and gap assessments
  • Administer and plan security awareness training, including phishing simulations, announcements attendance, and engagement
  • Perform ongoing and annual tasks and request fulfillments related to the Signifyd's external audits and reviews
  • Support internal and external audits with collecting and analyzing preliminary evidence, preparing audit materials, etc
  • Perform third-party vendor management security due diligence reviews assessing vendor risk and controls
  • Conduct office security assessments to ensure compliance and evaluate the effectiveness of current security controls
  • Contribute to business continuity and disaster recovery planning, assessments, and exercises
  • Conduct regular access reviews on important systems
  • Fulfill customer security questionnaires and complete standard information gathering (SIG) reports, while maintaining Signifyd's internal knowledge library to ensure answers remain up to date
  • Assist in researching industry best practices, interpreting compliance requirements, and understanding their impact on Signifyd operations
  • Assist in preparing internal reports and maintaining documentation to support compliance efforts
  • Proactively participate in other GRC initiatives, offering insights and suggestions to enhance operational efficiency based on observations

Benefits

  • Discretionary Time Off Policy (Unlimited!)
  • 401K Match
  • Stock Options
  • Annual Performance Bonus or Commissions
  • Paid Parental Leave (12 weeks)
  • On-Demand Therapy for all employees & their dependents
  • Dedicated learning budget through Learnerbly
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Flexible Spending Account (FSA)
  • Short Term and Long Term Disability Insurance
  • Life Insurance
  • Company Social Events
  • Signifyd Swag

Remote

Cybersecurity

Mid-level

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.

Similar Jobs

Please let Signify know you found this job on JobsCollider. Thanks! πŸ™