As a Sr. Compliance Analyst at Vimeo, you’ll work to ensure compliance with regulatory and industry mandates that include Sarbanes-Oxley (SOX), PCI, GDPR, ITGC, ePrivacy and others. You’ll be responsible for the day-to-day aspects including scoping, implementing controls, overseeing all review exercises, creating and maintaining documentation, as well as working with all departments to complete the assessments!

You will also be a core member of the security organization, and a guiding hand for organizational level initiatives such as security awareness and internal employee privacy.

What you’ll do:

• Enhance and oversee all aspects of the Vimeo IT General Controls (ITGC) to ensure our continued compliance.
• Establish processes to support the controls and ensure that control self-assessments and audits are conducted in a timely manner ensuring completeness and accuracy.
• Manage and monitor the effort to ensure compliance with Sarbanes-Oxley (SOX), PCI, ITGC, and others related frameworks.
• Perform audits and risk assessments of third parties such as vendors, services providers, consulting organizations, etc.
• Educates and mentors technical teams on embedding compliant practices into the way Vimeo operates to help foster a compliance culture.
• Must be able to build relationships with technology and business teams across the company.

Skills and knowledge you should possess:

• 3-5 years' experience in an information security compliance, audit, risk management or ISA/QSA role with hands-on experience in a multitude of compliance initiatives.
• Understanding of Sarbanes Oxley (SOX Compliance requirements), PCI and IT General Controls.
• Familiarity with CCPA, GDPR and ePrivacy.
• Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security.
• Familiarity with cloud-based environments and technologies with associated auditing methodologies.
• Expert presentation, documentation and communication skills.
• Bachelor's or Master's degree in a computer or information management field or similar work experience.
• Strong attention to detail, influencing and problem resolution skills.

Bonus Points (nice skills to have, but not needed): 

• At least one of CISSP, CISA, CISM, CSA, QSA preferred.
• Experience running a large scale security awareness program.

About us:

Vimeo is the world’s only all-in-one video solution. Our software enables any professional, team, and organization to unlock the power of video to create, collaborate and communicate. We proudly serve our growing community of over 200 million users — from creatives to entrepreneurs to the world’s largest companies.

Vimeo is headquartered in New York City with offices around the world.  At Vimeo, we believe our impact is greatest when our workforce of over 650 passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.

Learn more at www.vimeo.com

Learn more at www.vimeo.com/jobs