Compliance Analyst II, Risk & Governance at Vimeo
As a Risk and Governance Compliance Analyst at Vimeo, will support in educating, establishing, and maintaining Information Security Governance, Risk Management, and Compliance (GRC) workflows coordinate risk audit and risk compliance projects, as well as help maintain standards, policies, and policies that govern the information security program for the company.
You will also be a member of the security organization on the compliance team , and a guiding hand for organizational level initiatives such as security awareness and vulnerability assessment and management.What you’ll do:
- Enhance and oversee all aspects of the Vimeo risk controls to ensure continued compliance with stated goals.
- Establish processes to support the controls and ensure that information security risk impact assessments and risk mitigation strategies are implemented throughout the organization with a specific focus on ensuring proper implementation of product features.
- Perform audits and risk assessments of Vimeo systems and vendors to understand privacy implications and make recommendations for vendor risk mitigation
- Educate and mentor technical teams on identifying security risks to foster more secure products and services.
- Establish continuous monitoring capabilities, report on key performance indicators, identify, track and monitor control exceptions and draft audit responses.
- Must be able to build relationships with technology and business teams across the company.
- 2-4 years of full-time work experience in IT audit or IT risk management. Experience in leading security assessments and IT risk assessments/
- Experience working with or managing Security compliance control as captured through such as SOC 2 Type 2 principles and ISO27001:2013.
- Highly motivated, strong work ethic, attention to detail, and organizational skills.
- Understanding of common Information Security and Information Technology frameworks and standards,NIST 800-37, FAIR, RMF, NIST 800-53 and CSF
- Thorough understanding of risk management principles and methodologies.
- Ability to translate abstract and vague regulatory requirements into cohesive actionable compliance tasks.
- Ability to collaborate in a team setting and moderate conversations involving cross-functional groups.
- Experience with application security, SaaS environments, or cloud security is a plus.
Vimeo is the world’s leading all-in-one video software solution. Our platform enables any professional, team, and organization to unlock the power of video to create, collaborate and communicate. We proudly serve our growing community of over 200 million users — from creatives to entrepreneurs to the world’s largest companies.
Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.
Learn more at www.vimeo.com
Learn more at www.vimeo.com/jobs