
GRC Analyst Job at BitSight

BitSight Remote

BitSight’s mission is to enable trust in digital transactions. Together, we are transforming how the market governs cybersecurity risk through Security Ratings. BitSight Security Ratings are real-time, data-driven measurements of cyber security performance that help companies, investors, insurers, government agencies and regulators make informed, dynamic risk decisions impacting business results, financial investments and national security.
  • Founded in 2011, BitSight transforms how organizations manage information security risk.
  • Manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk.
  • Seven of the top 10 cyber insurers, 20% of Fortune 500 companies, and 3 of the top 5 investment banks use BitSight
  • BitSight is the most widely used Security Ratings Service with over 2,500 customers and the largest ecosystem of users and information
The GRC Analyst is responsible for supporting the information security and risk management programs protecting BitSight’s information assets by applying BitSight information security policies and standards. The GRC Analyst must be able to self-manage multiple high-priority initiatives. This position will require the incumbent to participate in training and continuing education to enhance their information security and risk management knowledge and skill set.
DUTIES & RESPONSIBILITIES
  • Assist in developing and maintaining a robust compliance program to scale with the company’s growth and ensure that BitSight complies with all applicable regulatory requirements and industry best practices.
  • Become a “go-to” contact on daily IT compliance-related matters, including responding to compliance-related inquiries and referrals, participating in special projects, providing technical support to other departments, and assisting sales with questionnaires, security artifact requests, and escalated customer inquiries.
  • Assist in documenting GRC processes and procedures.
  • Serve as a point person for and coordinate responses to regulatory inquiries, due diligence requests, and external audit requests (e.g., card brand reviews, SOC, PCI, SOX, and partner due diligence).
  • Assist in developing and implementing a continuous monitoring program for IT compliance and automation of manual processes.
  • Monitor regulatory and industry trends to ensure that changes in compliance policies and procedures are tested and integrated promptly.
  • Assist in the configuration and administration of a cloud-based GRC tool.
SKILLS, EDUCATION, & WORK EXPERIENCE
  • Bachelor’s degree in information technology or other related fields
  • Skills in documenting risk and compliance activities
  • Experience performing information security audits or risk assessments
  • Understanding of common security frameworks, standards, and regulations (e.g., SOC, GDPR, CCPA, PCI DSS, ISO2700x)
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Ability to develop creative and adaptive solutions to unique and complex inquiries
  • Unwavering in a rapid-paced working environment and in meeting deadlines
  • Team-focused, positive attitude, and a good sense of humor
  • Ability to collaborate effectively with a wide range of people in a diverse and accepting environment
Diversity. BitSight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.
Culture. We put our people first. BitSight offers best in class benefits, including unlimited paid time off, 401k match, and commuter benefits. All employees are bonus eligible. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at BitSight will give you the opportunity to fulfill your professional goals and expand your skills.
Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read. Even if you don’t feel that you meet every single requirement, we still encourage you to apply. We’re eager to meet people that believe in BitSight’s mission and can contribute to our team in a variety of ways.
Additional Information for United States of America Applicants:
Qualified applicants with criminal histories who are based in San Francisco and applying for remote roles will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.
This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.
If you are a resident of Colorado or New York City, please email us at recruiting@bitsighttech.com to receive compensation and benefits information for this role.


