Sr. Compliance Analyst (GRC)

Full Time
New York, NY, USA
9 months ago

As a Governance, Risk, and Governance Compliance Analyst at Vimeo, will support in educating, establishing, and maintaining Information Security Governance, Risk Management, and Compliance (GRC) workflows coordinate risk audit and risk compliance projects, as well as help maintain standards, policies, and policies that govern the information security program for the company.

You will also be a member of the security organization on the GRC team, and a guiding hand for organizational level initiatives such as security awareness and vulnerability assessment and management. 

What you’ll do:
  • Enhance GRC’s capabilities such as cyber risk management, vendor security assessment, security training and communications, and our compliance program.
  • Establish processes to support the controls and ensure that information security risk impact assessments and risk mitigation strategies are implemented throughout the organization with a specific focus on ensuring proper implementation of product features.
  • Collaborate with cross-functional teams to design, implement, and maintain SSO integrations using Okta, ensuring seamless and secure access to various applications and services.
  • Facilitate the automated provisioning and synchronization of user identities across platforms and applications.
  • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact
  • Perform audits and risk assessments of Vimeo systems and vendors to understand privacy implications and make recommendations for vendor risk mitigation 
  • Educate and mentor technical teams on identifying security risks to foster more secure products and services. 
  • Establish continuous monitoring capabilities, report on key performance indicators, identify, track and monitor control exceptions and draft audit responses.
  • Must be able to build relationships with technology and business teams across the company.
Skills and knowledge you should possess:
  • 4-6 years of full-time work experience in audit, risk management, or identity access management. Experience in leading security assessments and risk assessments.
  • Technical architecture experience integrating identity management, access management and access governance software into clients' infrastructure and applications
  • Experience configuring and managing Okta Identity Cloud, including SSO integrations, user provisioning, and authentication protocols (e.g., SAML, OAuth).
  • Advanced technical knowledge of cloud technology (AWS, GCP, Azure), security controls, database systems, network systems, auditing and compliance software and tools, and IT infrastructure. 
  • Familiar with security compliance frameworks and requirements, e.g., SOC 1/2, HITRUST, FedRAMP, IRAP, PCI, ISO27001, NIST CSF
  • Highly motivated, strong work ethic, attention to detail, and organizational skills.
  • Thorough understanding of risk management principles and methodologies.
  • Ability to translate abstract and vague regulatory requirements into cohesive actionable compliance tasks.
  • Ability to collaborate in a team setting and moderate conversations involving cross-functional groups.

Targeted Base Salary Range: $105,300 to $160,500

The base salary range listed above is for candidates located in the U.S., including the New York City metro area.

At Vimeo, we strive to hire and nurture amazing talent across the globe. Actual salaries will vary depending on factors including but not limited to experience, specialized skills, internal alignment and a candidate’s home base.

Base salary is just one component of Vimeo’s total rewards philosophy. We offer a wide range of benefits and perks that appeal to the variety of needs across our diverse employee base! Other rewards may include bonus or commission, Restricted Stock Units (RSUs), paid time off, generous 401k match, wellbeing resources, and more.

#LI-MM1

About Us:

Vimeo (NASDAQ:VMEO) is the world’s most innovative video experience platform. We enable anyone to create high-quality video experiences to connect better and bring ideas to life. We proudly serve our growing community of nearly 300 million users — from creative storytellers to globally distributed teams at the world’s largest companies. Learn more at www.vimeo.com.

Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity, and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.