Shutterstock is seeking to hire a talented & astute cybersecurity risk professional with excellent communication skills to join the Cyber Risk Governance & Analytics team. Responsibilities include the promotion & alignment of the cybersecurity strategy throughout the company, participation in the creation & maintenance of a security risk framework & associated policies/procedures, & the analysis of risks & trends using metrics to help guide prioritization, discussion & investment in cybersecurity.
Responsibilities of this role include, but are not limited to, the following activities:
- Maintain & update security related policies, procedures & risk frameworks
- Assist with implementation of new policies where necessary & review IT/company policies for security compliance
- Maintain an updated risk registry tracking cybersecurity risks across the organization; Initiate response, track, & monitor remediation
- Ensure necessary compliance reviews occur as expected (e.g. entitlements, penetration testing, vulnerability management/patching)
- Develop & monitor cybersecurity metrics (KPIs, KRIs) used for management reporting on risks
- Engage in vendor contract reviews to ensure terms & conditions for the protection of Shutterstock data, systems & customers are included as necessary
- Engage employees on best practices & to promote cybersecurity across Shutterstock
- Work closely with management to define & promote the strategic direction of the team
- Suggest cybersecurity solutions & process improvements to help minimize risk
Skills & Experience:
- 3+ years prior work experience in information security, governance, or compliance
- Familiarity with cloud infrastructures, AWS preferred: Software as a Service (SaaS), Platform as a Service (PaaS), & Infrastructure as a Service (IaaS) technologies
- Exposure to industry & regulatory frameworks (PCI, GDPR, SOX, NIST, ISO, etc.)
- Ability to develop & use metrics/KPIs to assess program performance.
- Skilled communicator thats dedicated to solving problems creatively & cooperatively
- This is an independent contributor role & will report to the Director of Cyber Risk Governance & Analytics
Shutterstock (NYSE: SSTK), directly & through its group subsidiaries, is a leading global provider of high-quality licensed photographs, vectors, illustrations, videos and music to businesses, marketing agencies & media organizations around the world. Working with its growing community of contributors, Shutterstock adds hundreds of thousands of images each week & has millions of images & video clips available.
Headquartered in New York City, Shutterstock has offices around the world & customers in more than 150 countries. The company also owns Bigstock, a value-oriented stock media agency; Shutterstock Custom, a custom content creation platform, Offset, a high-end image collection; PremiumBeat a curated royalty-free music library; Rex Features, a premier source of editorial images for the world's media.
For more information, please visit www.shutterstock.com & follow Shutterstock on Twitter, Facebook and Instagram.
Equal Opportunity Employer, M/F/D/V