As a Compliance Analyst at Vimeo, youll work to ensure compliance with regulatory & industry mandates that include Sarbanes-Oxley (SOX), PCI, GDPR, ITGC, ePrivacy & others. Youll be responsible for the day-to-day aspects including scoping, enforcing controls, supporting all review exercises, updating & maintaining documentation, as well as working with all departments to complete assessments!
You will also be a core member of the security organization embedded within the compliance team. You will serve as a guiding hand for organizational level initiatives such as security awareness & compliance best practices.
What youll do:
- Support all aspects of the Vimeo IT General Controls (ITGC) to ensure our continued compliance.
- Maintain processes to support the controls & ensure that control self-assessments & audits are conducted in a timely manner ensuring completeness & accuracy.
- Aid & monitor the effort to ensure compliance with Sarbanes-Oxley (SOX), PCI, ITGC, & others related frameworks.
- Perform audits & risk assessments of third parties such as vendors, services providers, consulting organizations, etc.
- Educates & mentors technical teams on embedding compliant practices into the way Vimeo operates to help foster a compliance culture.
- Must be able to build relationships with technology & business teams across the company.
Skills & knowledge you should possess:
- 1-2 years' experience in an information security compliance, audit, risk management or ISA/QSA role with hands-on experience in a multitude of compliance initiatives.
- Must be familiar with AICPA standards & working knowledge of accepted Audit frameworks such as COBIT.
- Understanding of Sarbanes Oxley (SOX Compliance requirements), PCI & IT General Controls.
- Familiarity with CCPA, GDPR & ePrivacy.
- Familiarity with a broad range of IT & Information Security products & technologies such as identity & access management, vulnerability management, encryption & key management, logging & monitoring & application security.
- Familiarity with cloud-based environments & technologies with associated auditing methodologies.
- Strong attention to detail, influencing & problem resolution skills.
Bonus Points (nice skills to have, but not needed):
- At least one of CISSP, CISA, CISM, CSA, QSA preferred.
- Experience running a large scale security awareness program.
Vimeo is the worlds leading all-in-one video software solution. Our platform enables any professional, team, & organization to unlock the power of video to create, collaborate & communicate. We proudly serve our growing community of over 200 million users from creatives to entrepreneurs to the worlds largest companies.
Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of over 650 passionate, dedicated people, represents our diverse & global community. Were proud to be an equal opportunity employer where diversity, equity & inclusion is championed in how we build our products, develop our leaders, & strengthen our culture.
Learn more at www.vimeo.com
Learn more at www.vimeo.com/jobs