Senior Information Security Analyst (GRC)
Madrid, ES
Celonis
The Celonis Process Intelligence Platform — powered by process mining — lets you reveal and realize the value opportunities hiding in your business processes - fast. Get started quickly and scale infinitely.We're Celonis, the global leading Process Mining software company and one of the world's fastest-growing SaaS firms. We believe that every company can unlock its full execution capacity - and for that, we need you to join us as a Senior Security Analyst in our Information Security organization.
The Team:
Our Global information security organization is responsible for security and trust. We think security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever changing threat landscape.
The Role:
At Celonis, we believe that trust in our security, governance, and compliance is critical. Our Trust team ensures that our people, platforms, and data remain secure from all forms of harm. As a Senior Security Analyst, you will lead security efforts to acquire and maintain industry certifications, design solutions that enable Celonis’ security goals, and collaborate directly with engineering teams to work quickly and securely. You will be responsible for defining the implementation of technical compliance capabilities and lead efforts to provide transparency to customers, prospects and other stakeholders. This role is focused on our Trust frameworks (SOC, HITRUST, etc.) and also on contributing to our compliance engineering initiatives in the future across multiple industry and regulatory frameworks.
The work you’ll do:
- Create and maintain information security policies, standards and controls
- Oversee the technical risk management process, including risk analysis and mitigation activities
- Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes from customers and external auditors relating to effective security practices, for example ISO 27001/2, ISO9001, SOC1, SOC 2-HIPAA, PCI-DSS and FedRAMP. (bonus: Compliance Engineering program development)
- Coordinate with other leaders on our privacy program, and relationship with the legal department in regards to privacy practices
- Work very closely with our Security Engineering and Security Operations organization for a holistic security program approach
- Create and maintain customer-facing security program documentation
- Grow our Trust team globally in multiple regions around the world
The qualifications you’ll need:
- You have a B.S. or at least 5 years of relevant industry experience.
- You have developed or assessed SOC, HITRUST, or other industry related compliance programs including understanding how to articulate controls and how to design effective compensating controls where necessary.
- You have an understanding of how to achieve compliance objectives in a cloud native environment.
- You have familiarity with AWS, GCP, or Azure.
- You have a proven track record working in security audit, compliance, information security operations, or security consulting.
- You value correctness and efficiency, and have an exceptional eye for detail.
- You have exposure to compliance and regulatory regimes (e.g. FedRAMP, GDPR, HIPAA, ISO 27001, PCI DSS).
- You want to work in a fast, high growth environment.
- Bonus: You value automation to ensure repeatable processes
What Celonis can offer you:
- The unique opportunity to work within a new category of technology, Execution Management
- Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, mentorships, yearly development stipend)
- Great compensation and benefits packages (stock options, 401(K) matching, generous time off, parental leave, and more)
- Work from home support (mindfulness tools such as Headspace, monthly remote working stipend, flexible working hours, virtual events and workshops)
- A global and growing team of Celonauts from diverse backgrounds to learn from and work with
- An open-minded culture with innovative, autonomous teams
- Employee resource communities to help you feel connected, valued and seen (Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
- A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future
About Us
Celonis believes that every company can unlock its full execution capacity. Powered by its market-leading process mining core, the Celonis Execution Management System provides a set of applications, and developer studio and platform capabilities for business executives and users to eliminate billions in corporate inefficiencies. Celonis has thousands of global customers and is headquartered in Munich, Germany and New York City, USA with 15 offices worldwide.
Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Different makes us better.
#mogul
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS Azure Cloud Compliance FedRAMP GCP GDPR Governance HIPAA HITRUST ISO 27001 PCI DSS Privacy Risk analysis Risk management SaaS SOC 1 SOC 2 Strategy
Perks/benefits: Career development Equity Flex hours Flex vacation Home office stipend Parental leave Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs