Senior GRC Analyst
Jersey City, NJ
Bluevine
A powerful business banking platform built for where you are and where you’re going—with lower fees, effortless money movement, and access to working capital.
About Bluevine
Bluevine is on a mission to enable a better financial future for small business owners through innovative banking solutions designed just for them. By combining best-in-class technology with advanced security and a deep understanding of the small business community, we deliver end-to-end banking and lending products that empower always-on entrepreneurs to grow their businesses with confidence.
As a dynamic company with massive potential, we’re backed by leading investors such as Lightspeed Venture Partners, Menlo Ventures, 83North, Citi Ventures, and nearly 9 years of proven success. Since launching in 2013, we have grown exponentially, amassing over 400,000 customers across all 50 states and a global team of more than 500 people. Our passion is driven by purpose: to give small businesses the tools they need to succeed, and we’re just getting started.
All of this begins with our team, who are driven by collaboration, problem-solving, and learning and growing together. With a commitment to innovation and community impact, our mission is to help every small business—and every team member—thrive. Join us!
This is a hybrid role. At Bluevine, we pride ourselves on our collaborative culture, which we believe is best maintained through in-person interactions and a vibrant office environment. All of our offices have reopened in accordance with local guidelines, and are following a hybrid model. In-office days will be determined by location and discipline.
ABOUT THE ROLE:
We are seeking an experienced individual to help lead security governance, vendor security assurance, and security compliance at Bluevine. As an Information Security Specialist, you will be an important part of the security team, gaining valuable experience with designing and implementing secure integrations with 3rd parties in a rapidly evolving environment. Our team is always learning, sharing, and researching, and you will have the opportunity to work across all information security domains.
WHAT YOU'LL DO:
- Lead our 3rd party risk assessment program, assessing our vendors' questionnaires, compliance, and attack surface
- Manage enterprise software information security (e.g. Salesforce, NetSuite etc.)
- Lead the Data Leak Prevention (DLP) program
- Take part in the company's governance, regulations and compliance efforts
- Answer prospects' security questions and questionnaires in support of the company's operations
- Recommend information security policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements
- Evaluate new technologies and processes that enhance security capabilities
WHAT WE LOOK FOR:
- Bachelor's degree in a related field or equivalent experience
- Minimum - 5 years of experience in the Information Security field
- Must - Experience with security & privacy standards and regulations such as SOC 1, SOC 2, ISO 27001, GDPR, CCPA, etc.
- Must - Experience with Vendor Security Assessments (Conducting Security Audits or being directly audited)
- Must - Experience with CRM & ERP systems
- Must - Strong self-learning skills
Bonus points if you also have:
- At least 1 year of experience with Cloud IaaS services such as: AWS, Azure, GCP
- Experience with Vendor Management and Security Rating solutions
- Experience with large enterprise software infosec tools and methodologies
- Experience with Incident Response, Vulnerability Management & Security Solutions
- Industry security certifications, relevant security education or courses
New Hire Base Salary Range: $134,300 - $161,200
BENEFITS AND PERKS - for employees located in the US
- Excellent health coverage and life insurance benefits
- 401K with an immediate 3% company match
- PTO, Company Holidays, and Flexible Holidays
- Company-sponsored Mental Health Benefits, including 1:1 therapy
- Over $1,000 annually for a wellness benefit of your choice
- Monthly WFH stipend
- Generous, paid parental leave covering up to 16 weeks
- Access to financial coaches and education sessions
- Free commuter benefits - Caltrain passes for San Francisco employees and a monthly parking allowance
- Weekly catered lunches and fully stocked kitchen pantries
- Community-based volunteering opportunities
Tags: Audits AWS Azure Banking CCPA Cloud Compliance ERP GCP GDPR Governance IaaS Incident response ISO 27001 Privacy Risk assessment Security assessment SOC SOC 1 SOC 2 Vendor management Vulnerability management
Perks/benefits: 401(k) matching Career development Flex vacation Health care Lunch / meals Parental leave Snacks / Drinks Wellness