Senior Security Analyst
Job Summary
Ibotta is seeking a collaborative, team-focused Senior Security Analyst to join our innovative team and contribute to our mission to Make Every Purchase Rewarding.
In this role, you will help set and maintain security standards, organize company-wide education and awareness, manage incident response and disaster recovery/business continuity programs and activities, and work to implement SOC 2 Type 2 and ISO 27001 certification across Ibotta.
This position is located in Denver, Colorado, or with the option of full-time remote. Candidates must live in the United States.
What you will be doing:
- Embrace and uphold Ibotta’s Core Values: Integrity, Boldness, Ownership, Teamwork, Transparency and Advocate for Savers
- Work with stakeholders to define and refine Ibotta’s security policies and procedures to enable a proactive security approach.
- Coordinate investigation and reporting of security incidents.
- Conduct data-centric risk assessments.
- Coordinate and conduct regular incident response, business continuity and disaster recovery tabletop exercises.
- Administer the company security awareness program.
- Serve as subject matter expert (SME) for internal and external customers by providing expertise, advice, and support on security-related inquiries and incidents.
- Have a thorough understanding of Ibotta’s product and operations to identify where new compliance and security efforts could minimize operational risk.
- Conduct third-party/supplier audits, client RFP/due diligence reviews, and organize 3rd party vulnerability assessments/pen tests.
- Design and implement systems and processes to track, monitor, and report compliance with information security policies and procedures as well as security program performance.
- Collaborate cross-functionally on information security program development, maintenance, and enforcement to minimize Ibotta’s risk exposure through security by design.
- Act on KPI results to make continuous security program improvements.
- Keep abreast of changes to security industry best practices, applicable laws, and security alerts from relevant vendors and sources (e.g., US-CERT).
- Recommend and evaluate third party technology and/or services to enhance Ibotta security.
- Assist in the implementation, adoption, and support of technology as needed.
- Investigate alerts and analyze data from monitoring tools to identify and mitigate malicious activity.
- Coordinate and conduct internal security audits in alignment with ISO 27001/27018 and SOC 2 standards and principles.
- Organize and manage Ibotta’s external SOC 2 and ISO 27001 assessments.
- Participate in 24/7 incident response on-call rotation.
What we are looking for:
- 5+ years of work experience in an information security-based role
- Experience with fraud and abuse investigations, incident response
- Security-related certifications (e.g., CompTIA Security+, CISSP, CISA, CRISC, CSSP, CISM, CEH)
- Ability to maintain professional, positive demeanor in high-pressure circumstances
- Ability to look creatively at the big picture, to follow trends beyond obvious attributes
- Collaborative mindset – a track record of cross-functional success in a team environment
- Experience with risk assessment, controls identification and testing, and/or state/federal regulatory audits
- Knowledge and experience with ISO 27001/SOC2 frameworks
- Familiarity with Unix/Linux environments, basic working knowledge of security testing tools (Kali Linux, nmap, Nessus, Burp Suite)
- Ability to manage multiple projects/issues concurrently
- Excellent written and verbal communication skills
About Us:
Built in Denver, CO, Ibotta ("I bought a...") is a free mobile shopping app that gives users cash back on groceries and more. Through our partnerships with brands and retailers like Procter & Gamble, Kraft Heinz, Kellogg, Amazon, Walmart, Target and Uber, we’ve delivered over $1B in cumulative cash rewards to our Savers. Guided by our values and our mission to make every purchase rewarding, we come to work energized by the business problems we get to solve, the technology we get to build, and the people we get to innovate (and have fun) with. Ibotta made Inc.’s 2020 list of the 5000 fastest-growing private companies in the U.S. for the third consecutive year. In 2019, we became the first mobile consumer technology company in Colorado to achieve $1B in valuation.
Additional Details:
- This position is located in Denver, CO, or with the option of full-time remote, and includes competitive pay, flexible time off, benefits package (including medical, dental, vision), Lifestyle Spending Account, 401k match, profit sharing and equity.
- Base compensation range: $115,000 - $135,000. Total compensation for this role also includes a variable component in addition to base salary.
- Ibotta is an Equal Opportunity Employer. Ibotta’s employment decisions are made without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected status.
- Applicants must be currently authorized to work in the United States on a full-time basis.