Senior Security Analyst, GRC at LogRhythm

| Greater Boulder Area
Sorry, this job was removed at 11:24 a.m. (MST) on Friday, June 26, 2020
Find out who's hiring in Colorado.
See all Operations jobs in Colorado
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Company Overview

LogRhythm is a Boulder-based security intelligence software company that empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. Globally the company has consistently been recognized as a market leader – including being placed in Gartner’s Magic Quadrant eight years running. We’ve earned a reputation as a company with a dynamic culture that’s committed to accelerated innovation cycles, thoughtful career development for our employees, and securing our customers from the most sophisticated cyber threats of the day.

Position Overview: Senior Security Analyst, GRC and Awareness

The Senior Security Analyst, in the Governance, Risk and Compliance (GRC) group, will report directly to the Chief Security Officer (CSO) of LogRhythm. You will have overall responsibility for LogRhythm’s GRC and security awareness programs. You will be responsible for ensuring compliance with regulations and certifications such as the Global Data Protection Regulation (GDPR), TRUSTe, Privacy Shield, SOC2, ISO27001, HIPAA, PCI, CCPA, and FedRamp. You will develop, maintain, and ensure compliance with corporate policies, standards, and procedures in alignment with ISO27001 and NIST security frameworks. You will be responsible for reviewing contracts and agreements in a security context to ensure we can meet the security needs of our customers. You will manage the risk inventory. You will work closely with other security team members in completing cross functional projects. 

This is an opportunity to own the governance, risk, compliance, and security awareness programs for a fast-paced, innovative, security product company. 

Responsibilities

  • Establish and maintain LogRhythm’s governance, risk, compliance, and security awareness programs
  • Work with key stakeholders to ensure compliance with various regulations, such as the Global Data Protection Regulation (GDPR)
  • Maintain LogRhythm’s various compliance certifications, such as TRUSTe, Privacy Shield, SOC2, ISO27001, FedRamp, HIPAA, PCI, and CCPA
  • Develop and maintain corporate policies, standards, and procedures in alignment with ISO27001, NIST, and SOC2 frameworks and controls
  • Ensure business units are in compliance with all policies, standards, and procedures
  • Prioritize and drive remediation of security gaps; across all departments
  • Monitor and report on the compliance and risk landscape of the company
  • Liaison for completion of third-party risk questionnaires, contracts, and management of our response database
  • Work closely with other team members in completing cross functional projects and ensuring that other teams are accountable to governance, risk, and compliance regulations
  • Define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements
  • Create and manage the education and awareness programs; content, delivery, compliance, phishing and other testing, etc.
  • Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies
  • Participate in risk remediation efforts across business units
  • Manage vendors and third party risk
  • Establish processes to review implementation of new technologies to ensure security compliance 

Skills

  • Experience auditing and applying control processes to networks and applications
  • Knowledge of compliance regulations (GDPR, CCPA, etc.) and security frameworks (ISO27001, NIST, SOC2)
  • Experience developing corporate security policies, standards, and procedures
  • Experience with security and risk management
  • Ability to apply knowledge by reading and interpreting regulations to formulate real world controls
  • Understanding of cloud environments (GCP, AWS, Azure)
  • Strong teamwork and collaboration skills with the ability to work across multiple business units (Engineering, HR, Legal, etc.) with multiple stakeholders to drive remediation of security gaps
  • Strong facilitation and presentation skills and experience influencing and presenting at all levels including Senior business executives.
  • Excellent written and verbal communication skills
  • Strong critical thinking/problem solving skills
  • Previous consulting, legal, and audit experience is a plus
  • Experience in vendor management is a plus
  • Understanding of solution delivery lifecycle and architecture is a plus
  • Industry recognized certifications in security is a plus (CRISC, GRCP, CGEIT, ITIL, CISSP, CISM, CISA)

LogRhythm is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Location

4780 Pearl East Circle, Boulder, CO 80301

What are LogRhythm Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Onsite Gym
Retirement & Stock Options Benefits
401(K)
Vacation & Time Off Benefits
Paid Volunteer Time
Perks & Discounts
Some Meals Provided

Additional Perks + Benefits

Flexible Paid Time Off, Birthdays required off. Free Food Fridays. Yoga and Meditation Classes. Foosball, Ping Pong and Arcade Games.

More Jobs at LogRhythm22 open jobs
All Jobs
Finance
Design + UX
Dev + Engineer
Marketing
Operations
Sales
Developer
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Marketing
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Operations
new
Boulder
Marketing
new
Boulder
Developer
new
Boulder
Operations
new
Boulder
Design + UX
new
Boulder
Design + UX
new
Denver
Operations
new
Boulder
Marketing
new
Boulder
Developer
new
Boulder
Operations
new
Boulder
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView LogRhythm's full profileSee more LogRhythm jobs