Sr Analyst, GRC Operations (NYC)
Our GRC team is growing and we’re looking for an experienced technology audit, compliance, and risk professional to join the team!
The Squarespace GRC team’s programs have wide ranging visibility and provide a unique opportunity to partner with departments across the organization. The GRC Operations role compliments the GRC Implementation and Analysis team. GRC Operations focuses on developing ongoing audit/monitoring plans for the controls in place throughout our Engineering department. Specifically, the GRC Operations position will be involved in the evaluation of internal control design and operating effectiveness to ensure compliance with security, privacy, and financial reporting programs. In addition to partnering with GRC and Engineering team members, the GRC Ops role will also work with teams across the organization (Internal Controls, Finance, Security Engineering) to accomplish technical audits that address our current needs. Additionally, the GRC Ops role will be involved with the vendor risk management and enterprise security questionnaire processes.
You will report to our Director of GRC, who will work with you to develop a roadmap for growing this position.
- Help with ongoing maintenance of information security policies.
- Conduct regular self-assessments throughout engineering to confirm adherence to company policy.
- Work with engineering teams to understand and document the controls within their environment(s).
- Develop roadmaps that outline audit plans and strategies for each quarter.
- Document the results of audits along with control and process improvement recommendations.
- Partner with Finance, Accounting, and Internal Controls teams to understand our processes and assist with IT controls development.
- Display in depth and working knowledge of regulatory and compliance reporting and frameworks such as SOX, SOC 1, SOC 2, PCI and ISO27001.
- Work with the Security Engineering team to understand their audit needs and build those needs into quarterly roadmaps.
- Provide regular status updates to the Director of GRC and proactively address delays in work as they occur.
- Co-manage the vendor security risk management process at Squarespace, with the potential of managing the function in its entirety.
- Co-manage the enterprise customer security questionnaire process at Squarespace, with the potential of managing the function in its entirety.
- Work with the Data Privacy team at Squarespace to develop audit and monitoring activities for controls related to GDPR, CCPA, etc.
- Partner with external audit firms on audit and compliance programs.
- 5+ years relevant experience in an IT audit/compliance/risk management role.
- Have experience in controls testing following SOX and SOC 1/2/3 frameworks.
- Experience leading and project managing all phases of audit, including planning, execution, and reporting.
- Experience successfully coordinating across departments (Internal Controls, Finance, Accounting, and People).
- Experience delivering audit findings and recommendations to your partners.
- Experience identifying, tracking, reporting, and remediating IT procedural and technical risks.
- Ideally, you have working knowledge of web-based technologies and cloud environments.
- Experience with IT internal auditing, data privacy, and technical security are all a plus.
- Big-4 experience is a plus.
- CISA or CISSP certification preferred.
Squarespace makes beautiful products to help people with creative ideas succeed. By blending elegant design and sophisticated engineering, we empower millions of people — from individuals and local artists to entrepreneurs shaping the world’s most iconic businesses — to share their stories with the world. Squarespace’s team of more than 1,000 is headquartered in downtown New York City, with offices in Dublin and Portland. For more information, visit www.squarespace.com/about.
Benefits & Perks
- Health insurance with 100% premium covered for you and your dependent children
- Flexible vacation & paid time off
- Up to 20 weeks of paid family leave
- Equity plan for all employees
- Retirement benefits with employer match
- Fertility and adoption benefits
- Free lunch and snacks at all offices
- Education reimbursement
- Dog-friendly workplace in New York office
- Commuter benefit in the form of reduced tax (Ireland) and pretax (US)
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customer base, but we also work toward the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.