Engineering Compliance - GRC Analyst
New York City
Our GRC team is growing and we're looking for an experienced technology audit, compliance, and risk professional to join the team! The Squarespace GRC team's projects have wide ranging visibility and provide a unique opportunity to partner with departments across the organization. The GRC team at Squarespace is comprised of two sub-teams: Risk/Data Privacy and Compliance.
You will focus on developing ongoing audit/monitoring plans for the technology controls in place throughout our Engineering department. Specifically, the GRC Analyst will be involved in the evaluation of internal control design and operating effectiveness to ensure compliance with security and financial reporting frameworks. In addition to a strong partnership with GRC and Engineering team members, the GRC Analyst role will also liaise with teams across the organization (Internal Controls, Finance, Security Engineering) to execute technology audits that address the organization's current needs.
The GRC Analyst role will report to the GRC Team Lead. This position will be based out of our New York City headquarters.
You'll get to...
- Help with ongoing maintenance of information security policies as they relate to Squarespace compliance programs.
- Conduct design and operational effectiveness testing to confirm adherence to company policy and controls.
- Document audit procedures and results.
- Demonstrate a clear understanding of how technology scoping works in a SOX engagement.
- Work with engineering teams to understand and assess the controls within their environment(s).
- Help with roadmaps that outline audit plans for each quarter.
- Partner with Finance, Accounting, and Internal Controls teams to understand our processes and how technology controls fit into those processes.
- Work closely with the Security Engineering team to understand their audit needs and build those needs into quarterly roadmaps.
- Provide regular status updates to the GRC Compliance Team Lead and communicate delays in work as they occur.
- Partner with external audit firms on audit and compliance programs.
Who we're looking for...
- Bachelor's degree
- 2+ years relevant experience in an IT audit/compliance/risk management role.
- Must have experience in controls testing in line with SOX and/or SOC 1/2/3 frameworks.
- Proven ability to plan and execute ITGC testing and subsequent status reporting.
- Familiarity with working cross departmentally (Internal Controls, Finance, Accounting, People).
- Display a working knowledge of SOX IT General Controls requirements.
- Experience with security audits is a plus.
- Experience identifying, tracking, reporting and remediating IT procedural and technical risk.
- Working knowledge of web based technologies and cloud environments is a major plus.
- Big-4 experience and/or CISA certification are a plus.
BENEFITS & PERKS
- Health insurance with 100% premium covered for you and your dependent children
- Fertility and adoption benefits
- Retirement benefits with employer match
- Flexible vacation & paid time off
- Up to 20 weeks of paid family leave
- Equity plan for all employees
- Pretax commuter benefits
- Education reimbursement
- Employee donation match to community organizations
- 7 Employee Resource Groups across locations
- Dog-friendly workplace
- Free lunch and snacks
- Private rooftop
Squarespace is a leading all-in-one website building and ecommerce platform that enables millions to build a brand and transact with their customers in an impactful and beautiful online presence. Our suite of products enables anyone at any stage of their journey to manage their projects and businesses through websites, domains, ecommerce, marketing tools, and scheduling, along with tools for managing a social media presence with Unfold and hospitality business management via Tock. Squarespace democratizes access to best-in-class design, helping our customers in approximately 200 countries and territories maintain consistent branding across all digital touchpoints to stand out online. Our team of more than 1,400 is headquartered in downtown New York City, with offices in Dublin, Ireland, Portland, Oregon, Los Angeles, California and Chicago, Illinois. For more information, visit www.squarespace.com.
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customer base, but we also strive for the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.
Other jobs like this
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Senior Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Security Consultant jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Senior Penetration Tester jobs
- Open SOC Analyst jobs
- Open Lead Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Security Analyst jobs
- Open Application Security Engineer/Architect jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Product Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Network Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Network security-related jobs
- Open Clearance-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Malware-related jobs
- Open Threat intelligence-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open SQL-related jobs
- Open DevSecOps-related jobs
- Open Security assessment-related jobs
- Open Splunk-related jobs
- Open PowerShell-related jobs
- Open OWASP-related jobs