Information Security Analyst - GRC
StockXBuy and sell the hottest sneakers including Adidas Yeezy and Retro Jordans, Supreme streetwear, trading cards, collectibles, designer handbags and luxury watches.
Help empower our global customers to connect to culture through their passions.
Why you’ll love this role
This hands-on Security Analyst - GRC position will be part of StockX's Information Security Technical Risk Management team, leading efforts to document, communicate, and execute the security program. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.
What you’ll do
- Drive and define governance processes/controls
- Lead development of responses to inquiries and evidence requests for anything related to security
- Develop and maintain an in-depth knowledge of our cybersecurity program and practices and the correlation to business outcomes
- Develop a broad understanding around the implementation of the organization’s security controls through end-to-end process analysis
- Build teamwork and synergies among personnel throughout the organization working closely with counterparts within other areas of the business and external firms where applicable
- Develop trusted relationships with stakeholders and other team members to gain consensus approvals on strategies, recommendations, findings and project plans etc.
- Provide support activities that enable and ensure that StockX is ready to meet and demonstrate compliance with security standards, regulatory requirements and contractual obligations.
- Drive large complex cross-team security initiatives.
- Track progress, resolve dependencies, evaluate risks and communicate status to upper management and stakeholders. Engage and energize program teams to achieve aggressive goals.
- Experience with legal and regulatory compliance standards such as SOC, SOX, GDPR, etc.
- Knowledge of risk management, risks and controls concepts, principles of ERM and GRC concepts, information security and/or data privacy (e.g ISO27001, NIST)
- Familiarity with NIST Cybersecurity Framework.
- Strong understanding of fundamental information security concepts and technology.
- Strong project/program management background
- Experience with IT GRC/IRM platforms is a plus.
- Possess an understanding of emerging technologies including but not limited to mobile and cloud technology.
- Experience with IT governance, risk, and compliance management in a large global environment.
- Excellent written and verbal communication skills.
- Strong work ethic with attention to detail.
- Ability to excel in a fast-paced and rapidly changing environment
- Strong organizational skills
- 5-7 years of experience with a bachelor's degree in Information Security or equivalent or 2-3 years with a master’s degree
- CISSP, CISM, CSM, PMP or similar preferred
Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.
Pursuant to the various pay transparency laws/acts, the base salary range is $120,000 to $135,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.
StockX is the premier current culture platform for buying and selling authentic, new, sought-after products. Our powerful marketplace connects buyers and sellers for sneakers, apparel, accessories, electronics, collectibles and trading cards around the world. We provide millions of global customers with unprecedented access and market visibility powered by real-time data, allowing them to transact based on true market value. Launched in 2016 in Detroit, Michigan, StockX now employs more than 1,500 people in offices and authentication centers in 11 countries.
More jobs like this
USA, CO, Colorado Springs … USA, CO, Colorado Springs (150 Vandenberg St) Full TimeSenior Senior-levelUSD 81K - 186K USD 81K+
Booz Allen Hamilton
Cyber Operations for Space Analyst and Technical WriterClearance Compliance Computer Science ConOps DoD DoDD 8140 +5
401(k) matching Career development Equity Flex hours Flex vacation +4
Allen, TX, United States Allen, TX, United States Full TimeSenior Senior-levelUSD 52K - 98K * USD 52K+ *
CFC (Cyber Fusion Centre) Sr. Threat Detection Analyst I - US REMOTE ONLYAgile CERT Firewalls GIAC IDS Intrusion detection +9
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open SOC Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Staff Security Engineer jobs
- Open Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Architect jobs
- Open o365 Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open DoD-related jobs