Senior Analyst, Security GRC
United States
Full Time Senior-level / Expert USD 138K - 180K
Peloton
Access high-energy workouts, instantly. Discover Peloton: streaming fitness classes to you live and on-demand.ABOUT THE ROLE
Peloton inspires and motivates millions of people every day. A key part of delivering on that mission is not only an amazing experience that our instructors and platforms provide, but also the data, telemetry, and insights that empower our members to be the best version of themselves anywhere, anytime. Earning and maintaining our members’ trust and safeguarding their data is key to everything we do.
The Security Governance, Risk & Compliance (GRC) Analyst is a critical position within the team, and has risk and compliance responsibilities from a technology and security perspective across the organization globally. The main objective of the Security GRC team is to deliver best in class Security Governance, Risk and Compliance, services to ensure that Peloton operates in a risk mitigated, security managed environment and that Peloton’s security compliance objectives are being met. Their responsibilities span Peloton’s products and services and the internal applications, tools, and infrastructure that support them.
YOUR DAILY IMPACT AT PELOTON
- Working closely with the entire GRC team and stakeholders across the organization, this individual will be directly responsible for implementing, maintaining and improving internal controls to assure compliance with applicable regulatory and legal requirements.
- Drive risk analysis, operate controls, and help implement industry best practices for teams and technologies utilized across the organization.
- Responsible for executing internal Information Technology (IT) controls in support of regulatory and compliance frameworks for in-scope applications, operating systems and databases.
- Partner effectively with Information Security, Product, Platform, Internal Audit, Legal, and other internal peers to support Peloton’s compliance with applicable legal, regulatory, and security frameworks.
- Work closely with the Internal Audit Team to ensure alignment on timing, controls reliance, external audit reliance, etc.
- Support the development of new testing automations through the GRC platform, or similar tool-sets, to automate the IT internal controls testing (i.e. SOX user access review controls, data analytics, etc.).
- Maintains updated knowledge in the field of risk management and compliance to efficiently work on frameworks including NIST CSF, CIS Controls, PCI-DSS, SOX 404, etc.
YOU BRING TO PELOTON
- 4+ years of relevant internal audit and SOX experience, with a mix of private and public accounting experience preferred
- Working knowledge of IT systems - SAP, WMS, ADP, Salesforce, Coupa, etc
- Highly organized, motivated, and detail-oriented with the ability to work independently in a fast-paced environment
- Flexible and able to adapt quickly in a fast-moving environment
- Excellent problem-solving skills and ability to manage competing priorities and deadlines
- Strong degree of comfort working alongside, engaging and communicating with senior software engineering and business-side stakeholders
- Experience developing, championing, and managing internal compliance programs.
- One or more of the following certifications is preferred: CISA, CISM, CISSP
#LI-EV1
The base salary range represents the low and high end of the anticipated salary range for this position based at our New York City headquarters. The actual base salary offered for this position will depend on numerous factors including individual performance, business objectives, and if the location for the job changes. Our base salary is just one component of Peloton’s competitive total rewards strategy that also includes annual equity awards and an Employee Stock Purchase Plan as well as other region-specific health and welfare benefits. As an organization, one of our top priorities is to maintain the health and wellbeing for our employees and their family. To achieve this goal, we offer robust and comprehensive benefits including:- Medical, dental and vision insurance
- Generous paid time off policy
- Short-term and long-term disability
- Access to mental health services
- 401k, tuition reimbursement and student loan paydown plans
- Employee Stock Purchase Plan
- Fertility and adoption support and up to 18 weeks of paid parental leave
- Child care and family care discounts
- Free access to Peloton Digital App and apparel and product discounts
- Commuter benefits and Citi Bike Discount
- Pet insurance and so much more! Base Salary Range$138,800—$180,400 USD
ABOUT PELOTON:
Peloton (NASDAQ: PTON), provides Members with expert instruction, and world class content to create impactful and entertaining workout experiences for anyone, anywhere and at any stage in their fitness journey. At home, outdoors, traveling, or at the gym, Peloton brings together immersive classes, cutting-edge technology and hardware, and the Peloton App with multiple tiers to personalize the Peloton experience [with or without equipment]. Founded in 2012 and headquartered in New York City, Peloton has millions of Members across the US, UK, Canada, Germany, Australia, and Austria. For more information, visit www.onepeloton.com.
At Peloton, we motivate the world to live better. “Together We Go Far” means that we are greater than the sum of our parts, stronger collectively when each one of us is at our best. By combining hardware, software, content, retail, apparel, manufacturing, Member support, and so much more, we deliver an exhilarating fitness experience that unlocks our members' greatness. Join our team to unlock yours.
Peloton is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. Equal employment opportunity has been, and will continue to be, a fundamental principle at Peloton, where all team members, applicants, and other covered persons are considered on the basis of their personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, disability, pregnancy, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital and civil partnership/union status, alienage or citizenship status, creed, genetic predisposition or carrier status, unemployment status, familial status, domestic violence, sexual violence or stalking victim status, caregiver status, or any other protected characteristic as established by applicable law. This policy of equal employment opportunity applies to all practices and procedures relating to recruitment and hiring, compensation, benefits, termination, and all other terms and conditions of employment. If you would like to request any accommodations from application through to interview, please email: applicantaccommodations@onepeloton.com
Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Peloton does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Peloton recruiting team and/or hiring managers will be from an @onepeloton.com email address.
If you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Peloton, please email applicantaccommodations@onepeloton.com before taking any further action in relation to the correspondence.
Peloton does not accept unsolicited agency resumes. Agencies should not forward resumes to our jobs alias, Peloton employees or any other organization location. Peloton is not responsible for any agency fees related to unsolicited resumes.
Tags: Analytics CISA CISM CISSP Compliance Data Analytics Governance NIST Risk analysis Risk management SAP SOX Strategy
Perks/benefits: 401(k) matching Competitive pay Equity Fertility benefits Fitness / gym Flex hours Flex vacation Health care Insurance Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs