Senior Security Analyst, GRC

Greater Boulder Area | Hybrid
Sorry, this job was removed at 11:24 a.m. (MST) on Friday, June 26, 2020

Company Overview

LogRhythm is a Boulder-based security intelligence software company that empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. Globally the company has consistently been recognized as a market leader – including being placed in Gartner’s Magic Quadrant eight years running. We’ve earned a reputation as a company with a dynamic culture that’s committed to accelerated innovation cycles, thoughtful career development for our employees, and securing our customers from the most sophisticated cyber threats of the day.

Position Overview: Senior Security Analyst, GRC and Awareness

The Senior Security Analyst, in the Governance, Risk and Compliance (GRC) group, will report directly to the Chief Security Officer (CSO) of LogRhythm. You will have overall responsibility for LogRhythm’s GRC and security awareness programs. You will be responsible for ensuring compliance with regulations and certifications such as the Global Data Protection Regulation (GDPR), TRUSTe, Privacy Shield, SOC2, ISO27001, HIPAA, PCI, CCPA, and FedRAMP. You will develop, maintain, and ensure compliance with corporate policies, standards, and procedures in alignment with ISO27001 and NIST security frameworks. You will be responsible for reviewing contracts and agreements in a security context to ensure we can meet the security needs of our customers. You will manage the risk inventory. You will work closely with other security team members in completing cross-functional projects.

This is an opportunity to own the governance, risk, compliance, and security awareness programs for a fast-paced, innovative, security product company. 

Responsibilities

  • Establish and maintain LogRhythm’s governance, risk, compliance, and security awareness programs
  • Work with key stakeholders to ensure compliance with various regulations, such as the Global Data Protection Regulation (GDPR)
  • Maintain LogRhythm’s various compliance certifications, such as TRUSTe, Privacy Shield, SOC2, ISO27001, FedRAMP, HIPAA, PCI, and CCPA
  • Develop and maintain corporate policies, standards, and procedures in alignment with ISO27001, NIST, and SOC2 frameworks and controls
  • Ensure business units are in compliance with all policies, standards, and procedures
  • Prioritize and drive remediation of security gaps across all departments
  • Monitor and report on the compliance and risk landscape of the company
  • Serve as liaison for completion of third-party risk questionnaires, contracts, and management of our response database
  • Work closely with other team members in completing cross-functional projects and ensuring that other teams are accountable to governance, risk, and compliance regulations
  • Define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements
  • Create and manage the education and awareness programs: content, delivery, compliance, phishing and other testing, etc.
  • Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies
  • Participate in risk remediation efforts across business units
  • Manage vendors and third-party risk
  • Establish processes to review implementation of new technologies to ensure security compliance 

Skills

  • Experience auditing and applying control processes to networks and applications
  • Knowledge of compliance regulations (GDPR, CCPA, etc.) and security frameworks (ISO27001, NIST, SOC2)
  • Experience developing corporate security policies, standards, and procedures
  • Experience with security and risk management
  • Ability to apply knowledge by reading and interpreting regulations to formulate real world controls
  • Understanding of cloud environments (GCP, AWS, Azure)
  • Strong teamwork and collaboration skills with the ability to work across multiple business units (Engineering, HR, Legal, etc.) with multiple stakeholders to drive remediation of security gaps
  • Strong facilitation and presentation skills and experience influencing and presenting at all levels, including senior business executives
  • Excellent written and verbal communication skills
  • Strong critical thinking/problem solving skills
  • Previous consulting, legal, and audit experience is a plus
  • Experience in vendor management is a plus
  • Understanding of solution delivery lifecycle and architecture is a plus
  • Industry-recognized certifications in security are a plus (CRISC, GRCP, CGEIT, ITIL, CISSP, CISM, CISA)

LogRhythm is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status.


Technology we use

  • Engineering
    • Golang (Languages)
    • Java (Languages)
    • Python (Languages)

Location

385 Interlocken Crescent #1050, Broomfield, CO 80021

What are LogRhythm Perks + Benefits

LogRhythm Benefits Overview

LoGiving- We are dedicated to giving back and empowering our employees, customers, and communities.

Employee referral program- We know the best people know the best people.

Health- Benefits include top-of-the-line health insurance and a generously funded HSA.

Work life balance- We mean it. Flex time off, 12 sick days, 9 company holidays and company-sponsored volunteering opportunities. Oh and take your birthday off — it’s policy.

Culture
Volunteer in local community
Our employees participate in a number of volunteer activities every year, such as the Pedal 4 Possible charity bike ride and Boulder Open Space cleanups.
Partners with nonprofits
Every year, we run donation drives for Coats for Colorado and Community Food Share. We also participate in a number of other activities organized by our Logiving committee.
Open door policy
OKR operational model
Team based strategic planning
Flexible work schedule
LogRhythm provides employees with a flexible work schedule, including flexible start and end times.
Remote work program
Our remote work program includes full-time remote work for specific positions, as well as the ability for on-site employees to work remotely as needed.
Diversity
Dedicated diversity and inclusion staff
Hiring practices that promote diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
LogRhythm employees can contribute up to $2700 annually to their FSA for the 2019-2020 plan year.
Disability insurance
Disability insurance covers 60% of base weekly pay for short-term disability insurance and 60% of base monthly pay for long-term disability insurance.
Dental insurance
Vision insurance
Health insurance
LogRhythm provides health insurance benefits.
Life insurance
Life insurance is offered in $10,000 increments up to $1,000,000 or up to six times annual salary, whichever is less.
Pet insurance
LogRhythm provides access to pet insurance.
Wellness programs
LogRhythm's health and wellness programs include the bi-annual Biggest Logger competition and corporate discounts to certain fitness clubs.
Team workouts
LogRhythm's fitness offerings include an on-site gym, yoga classes, and the bi-annual Biggest Logger competition.
Financial & Retirement
401(K)
Performance bonus
Charitable contribution matching
Child Care & Parental Leave Benefits
Generous parental leave
LogRhythm provides up to 8 weeks of parental leave (and 12 weeks of FMLA) for the primary caretaker and the secondary caretaker.
Family medical leave
Company sponsored family events
LogRhythm offers multiple family-oriented events every year, including Logtoberfest, Bring Your Child to Work Day, and Bring Your Dog to Work Day (DogRhythm).
Vacation & Time Off Benefits
Unlimited vacation policy
Paid holidays
Paid sick days
LogRhythm offers paid sick days.
Office Perks
Commuter benefits
Company-sponsored outings
Company outings at LogRhythm include Logtoberfest and summer happy hours.
Free snacks and drinks
LogRhythm has fully stocked kitchens, including unlimited coffee, tea, soda, and sparkling water. There are also vending machines in each building.
Some meals provided
Company-sponsored happy hours
Happy hours are hosted on occasion.
Onsite office parking
LogRhythm offers employees free on-site parking.
Pet friendly
LogRhythm participates annually in Bring Your Dog to Work Day.
Recreational clubs
LogRhythm sponsors office sports leagues, including softball and hockey.
Fitness stipend
Onsite gym
Professional Development Benefits
Job training & conferences
LogRhythm encourages professional development, including by offering opportunities for on-site and virtual training.
Lunch and learns
LogRhythm hosts lunch and learn meetings for employees throughout the company.
Promote from within
Mentorship program
Our mentorship program includes leadership mentoring.
Online course subscriptions available

Additional Perks + Benefits

Flexible Paid Time Off, Birthdays required off. Yoga and Meditation Classes. Foosball, Ping Pong and Arcade Games.
