GRC Analyst at Squarespace
Our GRC team is looking for a creative and experienced IT compliance and security risk professional to join our growing program.
- Evaluate and maintain ITGC procedures, and controls for Squarespace systems (internally developed and third-party).
- Collaborate with partners across the business (Finance, Accounting, Internal Controls, Engineering, etc.) to track remediation of ITGC and security control gaps.
- Conduct self-assessments/audits to confirm Squarespace’s adherence to internal policies, compliance goals, and industry best practices.
- Help support external audits of our SOX and PCI control environments
- Perform detailed ITGC testing for in scope SOX systems. Document and communicate findings with the GRC team and, where necessary, process owners.
- Assist with security and enterprise risk assessments across the organization.
- Partner with Security Engineering to formally document security policies (outside the scope of ITGC policies) and procedures.
- Conduct vendor security risk assessments for any third-party SaaS software solutions being considered for use. Provide feedback to the key stakeholders based on the assessment and a recommendation to move forward or disengage.
- Grow and establish the GRC function at Squarespace through collaboration with Engineering teams and cross functional partnerships with Finance, Accounting, Legal, CustOps, Product, and Strategy.
- Track project status and communicate road blocks with proposed solutions.
- Relevant experience in an IT audit/compliance/risk management role
- Experience with IT controls implementation in the context of SOX and SOC 2/3
- Experience working in a full Linux environment, Git, and CI/CD
- Eager to learn from more seasoned GRC and Security Engineering professionals
- PCI controls implementation & SAQ experience is a plus
- Experience identifying, tracking, reporting and remediating IT procedural and technical risk
- Working knowledge of web-based technologies and cloud environments is a plus
- Big-4 is preferred
- CISA certification (or at a minimum, successful completion of the CISA examination) is strongly preferred
Squarespace makes beautiful products to help people with creative ideas succeed. By blending elegant design and sophisticated engineering, we empower millions of people — from individuals and local artists to entrepreneurs shaping the world’s most iconic businesses — to share their stories with the world. Squarespace’s team of more than 900 is headquartered in downtown New York City, with offices in Dublin and Portland. For more information, visit www.squarespace.com/about.
- Health insurance with 100% premium covered
- Flexible vacation & paid time off
- Equity plan
- 401(k) plan with employer match
- Free lunch and snacks
- Dog-friendly workplace
Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customer base, but we also strive for the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.