As a Risk & Governance Compliance Analyst at Vimeo, you will support educating, establishing, & maintaining Information Security Governance, Risk Management, & Compliance (GRC) workflows, coordinate risk audit & risk compliance projects, and help maintain the standards & policies that govern the information security program for the company.
You will also be a member of the security organization on the compliance team, & a guiding hand for organizational level initiatives such as security awareness & vulnerability assessment & management.
What you'll do:
- Enhance & oversee all aspects of the Vimeo risk controls to ensure continued compliance with stated goals.
- Establish processes to support the controls & ensure that information security risk impact assessments & risk mitigation strategies are implemented throughout the organization with a specific focus on ensuring proper implementation of product features.
- Perform audits & risk assessments of Vimeo systems & vendors to understand privacy implications & make recommendations for vendor risk mitigation.
- Educate & mentor technical teams on identifying security risks to foster more secure products & services.
- Establish continuous monitoring capabilities; report on key performance indicators; identify, track & monitor control exceptions; & draft audit responses.
- Must be able to build relationships with technology & business teams across the company.
Skills & knowledge you should possess:
- 2-4 years of full-time work experience in IT audit or IT risk management. Experience in leading security assessments & IT risk assessments.
- Experience working with or managing security compliance controls, such as those captured through SOC 2 Type 2 principles & ISO27001:2013.
- Highly motivated, strong work ethic, attention to detail, & organizational skills.
- Understanding of common Information Security & Information Technology frameworks & standards (NIST 800-37, FAIR, RMF, NIST 800-53 & CSF).
- Thorough understanding of risk management principles & methodologies.
- Ability to translate abstract & vague regulatory requirements into cohesive actionable compliance tasks.
- Ability to collaborate in a team setting & moderate conversations involving cross-functional groups.
- Experience with application security, SaaS environments, or cloud security is a plus.
Vimeo is the world's leading all-in-one video software solution. Our platform enables any professional, team, & organization to unlock the power of video to create, collaborate & communicate. We proudly serve our growing community of over 200 million users, from creatives to entrepreneurs to the world's largest companies.
Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of over 650 passionate, dedicated people represents our diverse & global community. We're proud to be an equal opportunity employer where diversity, equity & inclusion is championed in how we build our products, develop our leaders, & strengthen our culture.
Learn more at www.vimeo.com
Learn more at www.vimeo.com/jobs