Shutterstock is seeking a creative, diligent, technical, & experienced IT compliance & security risk professionalto join the Cyber Risk Management & Compliance team. Our ideal candidate has a background in security controls implementation, regulatory control requirements, process improvement, & security risk analysis. Additionally, we are seeking an individual who takes an innovative approach to GRC functions as part of a growing team in a growing company, being able to balance the needs of a dynamic engineering culture with that of protecting company & customer data.
Responsibilities of this role include, but are not limited to, the following activities:
- Assist with operational monitoring, testing & reporting processes in support of the Information Security team, Internal Audit & Legal
- Research & aid in developing compliance related requirements for the product, IT engineering, & software development teams
- Contribute to the development of overall controls & continuous compliance testing, design remediation & risk mitigation solutions
- Collaborate cross functionally to establish high levels of automated testing & evidence collection
- Contribute to the development of tools & practices to better support ongoing Security-GRC services
- Test & maintain business continuity & incident response plans
- Engage in vendor risk assessments to ensure our third-parties are held to reasonable security standards
Skills & Experience:
- 3+ years prior work experience in information security, governance, or compliance
- Familiarity with cloud infrastructures, AWS preferred: Software as a Service (SaaS), Platform as a Service (PaaS), & Infrastructure as a Service (IaaS) technologies
- Exposure to industry & regulatory frameworks (PCI, GDPR, SOX, NIST, ISO, etc.)
- Ability to develop & use metrics/KPIs to assess program performance.
- Skilled communicator thats dedicated to solving problems creatively & cooperatively
- Preferred Skills:
- Internal Audit: fieldwork & audit management experience
- Risk Management: risk & control assessment, issue management, audit / regulatory exam facilitation, & policy / procedure management
- Regulatory/Compliance: measured experience with regulatory issue remediation
- This role is an individual contributor & will report to the Director of Cyber Risk Management & Compliance
Shutterstock (NYSE: SSTK), directly & through its group subsidiaries, is a leading global provider of high-quality licensed photographs, vectors, illustrations, videos and music to businesses, marketing agencies & media organizations around the world. Working with its growing community of contributors, Shutterstock adds hundreds of thousands of images each week & has millions of images & video clips available.
Headquartered in New York City, Shutterstock has offices around the world & customers in more than 150 countries. The company also owns Bigstock, a value-oriented stock media agency; Shutterstock Custom, a custom content creation platform, Offset, a high-end image collection; PremiumBeat a curated royalty-free music library; Rex Features, a premier source of editorial images for the world's media.
For more information, please visit www.shutterstock.com & follow Shutterstock on Twitter, Facebook and Instagram.
Equal Opportunity Employer, M/F/D/V