As a Compliance Analyst at Vimeo, you’ll work to ensure compliance with regulatory and industry mandates that include Sarbanes-Oxley (SOX), PCI, GDPR, ITGC, ePrivacy and others. You’ll be responsible for the day-to-day aspects including scoping, enforcing controls, supporting all review exercises, updating and maintaining documentation, as well as working with all departments to complete assessments!

You will also be a core member of the security organization embedded within the compliance team. You will serve as a guiding hand for organizational level initiatives such as security awareness and compliance best practices. 

What you’ll do:

• Support all aspects of the Vimeo IT General Controls (ITGC) to ensure our continued compliance.
• Maintain processes to support the controls and ensure that control self-assessments and audits are conducted in a timely manner ensuring completeness and accuracy.
• Aid and monitor the effort to ensure compliance with Sarbanes-Oxley (SOX), PCI, ITGC, and others related frameworks.
• Perform audits and risk assessments of third parties such as vendors, services providers, consulting organizations, etc.
• Educates and mentors technical teams on embedding compliant practices into the way Vimeo operates to help foster a compliance culture.
• Must be able to build relationships with technology and business teams across the company.

Skills and knowledge you should possess:

• 1-2 years' experience in an information security compliance, audit, risk management or ISA/QSA role with hands-on experience in a multitude of compliance initiatives.
• Must be familiar with AICPA standards and working knowledge of accepted Audit frameworks such as COBIT.
• Understanding of Sarbanes Oxley (SOX Compliance requirements), PCI and IT General Controls.
• Familiarity with CCPA, GDPR and ePrivacy.
• Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security.
• Familiarity with cloud-based environments and technologies with associated auditing methodologies.
• Strong attention to detail, influencing and problem resolution skills.

Bonus Points (nice skills to have, but not needed): 

• At least one of CISSP, CISA, CISM, CSA, QSA preferred.
• Experience running a large scale security awareness program.

About us:

Vimeo is the world’s leading all-in-one video software solution. Our platform enables any professional, team, and organization to unlock the power of video to create, collaborate and communicate. We proudly serve our growing community of over 200 million users — from creatives to entrepreneurs to the world’s largest companies.

Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of over 650 passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.

Learn more at www.vimeo.com 
Learn more at www.vimeo.com/jobs