Senior Cyber GRC Analyst at Convercent

| Greater Denver Area
Sorry, this job was removed at 12:15 p.m. (MST) on Thursday, December 19, 2019
Find out who's hiring in Colorado.
See all Operations jobs in Colorado
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

This role reports to the VP, Information Security and performs internal audits, risk assessments and third-party vendors reviews to ensure compliance to company security policies. Responsible for supporting the business in fulfilling security information requests associated with Proposals (RFP), questionnaires, sales questions, third party risk assessments and audits. Reviews customer and prospect contracts and provides suggested alternatives regarding client requested contractual security requirements. Collaborates with Sales, Legal, Customer Success and Engineering to build and maintain an in-depth understanding of each areas environment and security controls to ensure timely and accurate responses to security information requests. Determines what information can be shared with customers and external parties at different phases of the client relationship to provide assurance with the Security Program, without compromising the IT Security posture of the organization.

Key Responsibilities:

Internal Audit, Compliance and Risk Assessments

  • Conduct scheduled internal audits as per prescribed Cybersecurity Frameworks
  • Prepare and lead Cybersecurity Framework audits driving compliance
  • Perform risk assessments related to infrastructure, platforms and applications as per risk management framework
  • Configure and implement tools to manage, monitor and escalate internal risks 

Customer security risk assessments  

  • Review and edit security questionnaires and RFPs as well as fielding questions detailing security capabilities.
  • Lead prospect, customer and third-party security meetings reinforcing the businesses security and compliance program.

Contract reviews

  • Hands-on iterative review of security/compliance aspects of new and renewed customer contracts.
  • Provides suggestions and contract redlines regarding what security terms we can accept from clients.

Third Party Risk Management

  • Lead vendor and third-party risk management process

Minimum Qualifications:

  • Knowledge in auditing security frameworks that may include ISO 27001, SOC 2 and HITRUST.
  • Contract Management, Information Technology, IT Risk, IT Audit, InfoSec or similar experience required.
  • Excellent attention to detail required and strong issues spotting, drafting and communication skills required.
  • Must be client service focused with ability to successfully partner with internal stakeholders.
  • Must be able to multi-task and independently manage workflow / priorities and solve problems within company guidelines.

 Preferred Qualifications:

  • Knowledgeable in security best practices (ISO 27001, SOC 2, HIPAA, etc.)
  • Knowledgeable of privacy best practices (Privacy Shield, GDFR, Safe Harbor, etc.)
  • Familiarity with systems and tools including: IDS/IPS, HIDS, SIEM, AV, vulnerability assessments, etc.
  • CISSP, CISM/CISA, CRISC or other industry InfoSec certification a plus

 About Convercent:

Robust. Agile. Collaborative. And you should see our software. Bringing the transformative power of the cloud to the compliance and ethics industry, Convercent's award-winning SaaS solution empowers our customers to be more effective and efficient in managing their compliance efforts and mitigating risk. With an inclination towards innovation, Convercent is helping our customers raise the standard--and expectations--for how companies safeguard their financial and reputational health. 

Convercent is an equal opportunity employer and all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • .NETLanguages
    • C#Languages
    • ASP.NETFrameworks
    • Microsoft SQL ServerDatabases


RiNo/Cole @Industry Rino Station

An Insider's view of Convercent

What’s the vibe like in the office?

Convercent is a highly collaborative environment. I absolutely love that I can be in the kitchen, bathroom, or walking around and I will bump into people from all different departments and have really meaningful conversations. I really enjoy the people I work and interact with everyday!


Manager, Event Marketing

What's the biggest problem your team is solving?

The process of ingesting data from our customers can be difficult and lengthy. Team Massive is working on a new implementation that can import multiple large files simultaneously and at a faster rate.


Sr. Software Engineer

How has your career grown since starting at the company?

It's taken me down a path I would've never expected when I joined the team as an SDR five years ago. But that's one of the great things about Convercent. People have the opportunity and are supported to take their careers in so many different directions.


Director, Learning & Development

What are Convercent Perks + Benefits

Convercent Benefits Overview

Convercent offers a comprehensive and competitive benefits package which includes:

-Healthcare (we pay 90% medical, dental and vision for employees)
-Unlimited PTO
-Paid family leave (12 weeks for moms and 4 weeks for dads, spouses, or partners)
-Wellness bonus ($100/month towards wellness expenses
-Stock options
-Monthly cell phone reimbursement
-EcoPass (ride the bus or light rail for free)

Volunteer in local community
Food for Thought Amp the Cause The Epworth Foundation
Friends outside of work
Eat lunch together
Daily stand up
Open door policy
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Unconscious bias training
Someone's primary function is managing the company’s diversity and inclusion initiatives
Mean gender pay gap below 10%
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Team workouts
Acme Co.'s team fitness initiatives include In-office yoga.
Retirement & Stock Options Benefits
Company Equity
Employee Stock Purchase Plan
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Acme Co. provides employees with a flexible work schedule that includes Flexible start and end times.
Family Medical Leave
Company sponsored family events
Acme co. sponsors family oriented events Semi-annually.
Vacation & Time Off Benefits
Unlimited Vacation Policy
Eligible employees get 5 days of paid sabbatical after their first 30 years of working at the company.
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Stocked Kitchen
Happy Hours
Pet Friendly
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Our mentorship program includes Career mentoring, Leadership mentoring.
Customized development tracks
Paid industry certifications
More Jobs at Convercent9 open jobs
All Jobs
Design + UX
Dev + Engineer
Project Mgmt
Design + UX
Project Mgmt
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Convercent's full profileSee more Convercent jobs