Information Security Risk Analyst

| Seattle

 

Groupon’s Information Security team is seeking an experienced Security Risk Analyst to assist in analyzing Groupon’s risk environment relative to third parties and internal services and assisting in recommending measures to safeguard valuable information assets and document key information and capabilities of third parties. The position is responsible for executing a portion of the Cybersecurity program designed to advise the organization on its management of third-party cybersecurity risk.

 

This involves an understanding of Groupon’s business requirements and a thorough understanding of regulatory requirements (such as GDPR,PCI) for both outsourced providers and internally developed solutions and how best to meet those requirements. The Analyst will develop strong partnerships with internal business partners and external vendors to ensure customer, employee, and company information is protected at the appropriate level.

 

The successful candidate will also be required to review and assess legal contracts as it pertains to the service providers security posture. The candidate should be able to understand legal terms and definitions and articulate potential security concerns to the Legal teams. The individual will also play a significant role in enhancing and implementing procedures to assess and risk rate the third-party information security program.
 

Professional Skills & Responsibilities

 

  •  Perform information security due diligence on third party vendors to determine the effectiveness of their controls to protect the Company’s data, identify any discrepancies and escalate all issues to management.

  • Review completed SIG questionnaires based on vendor risk and evaluate responses received from security questionnaires that align with ISO and NIST standards

  • Assisting in the risk and compliance program’s design, process re-engineering or enhancements and tool and technology implementations as applicable

  • Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management for both service providers and internal solutions

  • Assist in reviewing contracts, security addendums, and data processing agreements and comment on potential concerns or issues

  • Work with Procurement and Legal during the initial review of third party service providers to ensure proper diligence is performed

  • Assist in the development of third party due diligence policies and standards which set the vendor requirements based on risk.

  • Review current risk data to determine exceptions, trends or other changes in risk relative to the firm’s risk appetite and escalate as deemed appropriate.

  • Maintain knowledge of the latest active security threats in order to understand current risks and articulate those risk to the business and vendor 

 

Qualifications:

 

  • 3+ years of experience in an IT Risk, Third Party Vendor Assessment or Information Security organization with an understanding of Audit, Security and Risk.

  • Working knowledge of core security concepts such as encryption, DLP, networking security, cloud security, and web security, SAML, Oauth, etc.

  • Strong knowledge of PCI, SOX 404, GDPR, and other regulations/standards

  • Prior experience providing and negotiating information security provisions within third-party agreements.

  • Prior experience conducting information security due diligence of third-party suppliers

  • Proven analytical problem-solving skills with a demonstrated ability to research problems and proactively suggest ways to better a process

  • Highly motivated with demonstrated experience managing multiple projects in a fast-paced, deadline-oriented work environment

Groupon provides a global marketplace where people can buy just about anything, anywhere, anytime. We’re enabling real-time commerce across an expanding range of categories including local businesses, travel destinations, consumer products, and live or lively events. At the same time, we are providing advertising options and tools that merchants can use to grow and manage their businesses. Culturally, we believe that great people make great companies and that starting with the customer and working backward moves us forward. Community matters to us on an internal, local and global scale—it’s fundamental to our company’s growth and to the well-being of the world at large. We also value self-awareness, candor, lunch and WiFi. If we match with you, please apply to join us.

Read Full Job Description
Apply now
loading ...
Emailed

Technology we use

  • Engineering
  • Product
    • C#Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RubyLanguages
    • FluxLibraries
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • Ember.jsFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • AccessDatabases
    • HiveDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • TeradataDatabases
    • IllustratorDesign
    • PhotoshopDesign
    • BasecampManagement
    • JIRAManagement

Location

1201 3rd Ave, Seattle, WA 98101

What are Groupon Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Retirement & Stock Options Benefits
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Perks & Discounts
Casual Dress
Stocked Kitchen
Happy Hours
Professional Development Benefits
Job Training & Conferences
More Jobs at Groupon36 open jobs
All Jobs
Data + Analytics
Dev + Engineer
HR
Internships
Marketing
Operations
Product
Product
new
Seattle
Marketing
new
Seattle
Data + Analytics
new
Seattle
Marketing
new
Seattle
Developer
new
Seattle
Operations
new
Seattle
Data + Analytics
new
Seattle
Data + Analytics
new
Seattle
Data + Analytics
new
Seattle
Developer
new
Seattle
Operations
new
Seattle
Data + Analytics
new
Seattle
Operations
new
Seattle
Product
new
Seattle
Product
new
Seattle
Data + Analytics
new
Seattle
Data + Analytics
new
Seattle