Security Compliance Analyst 3 | DOTS
GympassDurch Unternehmen möglich – von Mitarbeiter:innen geliebt. Das Corporate Wellness Program für Top-Fitnessstudios, Wellness-Apps und mentale Gesundheit.
GET TO KNOW US
We simplify wellness so you can find everything in one place. Gympass is a corporate wellness platform that connects you to thousands of fitness & wellness partners, all with one simple monthly membership. Founded in 2012 and headquartered in NYC, we have a growing global team in 11 offices around the world. At Gympass, you not only have the opportunity to build a career in a fast-paced global environment - but you'll make wellbeing universal, so everyone can be happy and healthy.
WHAT MAKES A GYMPASSER?
We are passionate about our mission! Whatever your job title is, here you can make a global impact and change people’s lives. At Gympass, we collaborate, set high achievable goal expectations, and focus on the end result. It's a challenging, evolving environment that allows you to learn and grow. You will face a disruptive and emerging business model that will push you in several areas, with no boundaries for creation and collaboration.
We are looking for a team member to help us on customer's cybersecurity compliance assessmets focus on replying to their audit questionnaires, help the Infosec Team, IT and Infrastructure Teams to drive the strategy to improve our security architecture, and find how to improve the way we work to deliver an amazing product that our customers can trust.
We are all in the cloud and use software engineering principles to solve large-scale production challenges.
- You can write documentation and knowledge base to support the Sales Team during customers' Security Assessments.
- You have worked cross-functionally with Engineering, Product, IT, Legal, Infrastructure and operational teams to drive security control implementation for the organization.
- You have worked on Implementation of security compliance requirements.
- You have worked along with security teams on compliance standards and validations
- You have helped mature company's overall security policy and governance architecture
- You have provided input into the overall security compliance strategy
- You have helped the security and engineering teams as a subject matter expert for the security compliance and have identified gaps both on the product or infrastructure side.
WHO YOU ARE
- Fluent in English
- Graduated on Cybersecurity, Systems Development, IT Management or related areas.
- Professional working experience in Security Compliance or related Cybersecurity areas.
- Experience working with one or more of the following security standards and frameworks: SOC 2, ISO 27001, PCI DSS, NIST 800-53
- Experience with cloud security architectures and technologies (preferably AWS)
- Ability to work efficiently and independently in a fast-paced, innovative environment
- Ability to work closely with sales teams and internal stakeholders and articulate technical concepts
- Experience in auditing of networks, operating system, and application security
The knowledge below is considered a plus:
- Professional work experience in security audits (ISO27001, PCI-DSS, SOC2)
- Knowledge in cybersecurity routines such as vulnerability management, penetration tests, disaster recovery tests, change management, and etc.
- Certification in cybersecurity (CISSP, CIPP, CIPM, CIPT, CompTIA Security+, CEH, and etc)
- Knowledge in cybersecurity tools such as Security Rating Platforms, Vulnerability Scanners, Antivirus, Firewalls and etc.
WHAT WE OFFER YOU
We're a wellness company that is committed to the health and well-being of our employees. Our flexible program allows you to customize your benefits, according to your needs! Our benefits include:
WELLNESS: Health, dental, and life insurance.
FLEXIBLE WORK: Choose when and where you work. For most, this will be a hybrid office/remote structure but can vary depending on the needs of the role and employee preferences. We offer all employees a home office stipend and a monthly flexible work allowance to help cover the costs of working from home.
GYMPASS DISCOUNT: We believe in our mission and encourage our employees and their families to find their passion too. Access onsite gyms and fitness studios, digital fitness programs, and online wellness resources for meditation, nutrition, mental health support, and more.
PAID TIME OFF: We know how important it is that our employees take time away from work to recharge.
BR: Vacations after 6 months and 3 days off per year + 1 day off for each year of tenure (up to 5 additional days) + extra day off for your birthday.
PAID PARENTAL LEAVE: Welcoming a new child is one of the most special moments in your life and we want our employees to take the time to be present and enjoy their growing family.
BR: 100% paid parental leave of 6 weeks to all new parents, of both biological and adopted children, regardless of gender and parent's relationship with the co-parent, Also extended maternity leave under local legislation
CAREER GROWTH: Outstanding opportunities for personal and career growth. That means we maintain a growth mindset in everything we do and invest deeply in employee development.
CULTURE: An exciting and supportive atmosphere with ambitious people from around the world!
Belonging @ Gympass
Gympass is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law.
Questions on how we treat your personal data? See our Job Applicant Privacy Notice.
Tags: Application security Auditing Audits AWS CEH CIPP CISSP Cloud Compliance CompTIA Governance ISO 27001 ISO27001 NIST PCI PCI DSS Privacy Security assessments SOC 2 SOC2 Strategy Vulnerability management
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Senior Security Operations Engineer jobs
- Open Penetration Tester jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Application Security Engineer/Architect jobs
- Open Head of Information Security jobs
- Open Senior Security Analyst jobs
- Open Sr. Security Engineer jobs
- Open SOC Analyst jobs
- Open Staff Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Offensive Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Security Researcher jobs
- Open Senior Information Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Cloud Security Operations Lead jobs
- Open Security Consultant jobs
- Open Security Engineer II jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Azure Security Engineer jobs
- Open GCP-related jobs
- Open Kubernetes-related jobs
- Open Analytics-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Clearance-related jobs
- Open Audits-related jobs
- Open Agile-related jobs
- Open Threat intelligence-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open CISM-related jobs
- Open Governance-related jobs
- Open CISA-related jobs
- Open Ruby-related jobs
- Open DevSecOps-related jobs
- Open ISO 27001-related jobs
- Open Open Source-related jobs
- Open Encryption-related jobs
- Open Security assessments-related jobs
- Open GDPR-related jobs