Senior Analyst - Governance, Risk Management, and Compliance

| Greater NYC Area

The GRC team is seeking forward thinking, creative, technical, and talented IT compliance and security risk professionals with a strong background in regulatory controls requirements, process improvement, controls implementation, and security risk analysis.

Responsibilities:

  • Evaluate, develop, manage and maintain ITGC policies, procedures, and controls for Squarespace systems (internally developed and vendor provided).
  • Actively work with stakeholders across the business (Finance, Accounting, Internal Controls, Engineering, etc.) to identify, document, and track remediation of ITGC and security control gaps.
  • Conduct periodic self-assessments of Squarespace’s adherence to internal policies, compliance reporting objectives and industry best practices.
  • Work closely with the Squarespace Internal Controls team and external auditors.
  • Communicate policy and procedure requirements to stakeholders.
  • Leverage knowledge of published risk and control frameworks (ISO, NIST, CIS, SOC, etc.) to develop a customized security risk and control framework for Squarespace based on the company’s risk profile.
  • Conduct security risk assessments across the organization, rank security risks, articulate risk in terms of business impact, and suggest reasonable strategies to mitigate risks.
  • Work closely with Squarespace Security Engineering teams to automate control processes and integrate the process side of security with the technical side of security.
  • Apply technical knowledge of Linux and access control by configuring and managing auditd access monitoring and accounting rules
  • Formally document and develop security policies (outside the scope of ITGC policies) and procedures.
  • Conduct vendor security risk assessments, provide risk based recommendations to the organization, and evaluate the company third party risk posture.
  • Grow and establish the GRC group within Squarespace and contribute to the GRC community through participation in conferences and sharing knowledge and approaches developed through our work at Squarespace.
  • Actively track project status and proactively communicate road blocks.

Qualifications:

  • 5+ years relevant experience in an IT audit/compliance/risk management role
  • Experience with IT controls implementation in the context of SOX and SOC 2/3
  • Data analytics background utilizing NoSQL, SQL, and/or Python is strongly preferred
  • Experience working in a full Linux environment, Git, and CI/CD
  • Self-motivated and capable of coaching/mentoring staff as the team grows in size
  • PCI controls implementation, SAQ, and RoC experience is a plus
  • Experience with identifying, tracking, reporting and remediating IT procedural and technical risk
  • Working knowledge of web based technologies and cloud environments is desired to achieve success in this role
  • Big-4 is preferred
  • CISA and/or CRISC certification is strongly preferred

About Squarespace

Squarespace provides creative tools and services to help anyone build and manage their brand online. For more than a decade, we’ve empowered millions of people — from individuals and local artists to entrepreneurs building the world’s most iconic businesses — to take control of their online presence like never before. By blending elegant design and sophisticated engineering, Squarespace sets the new standard for modern publishing.
Squarespace’s team of more than 500 is headquartered in downtown New York City, with offices in Dublin and Portland. For more information, visit www.squarespace.com/about.

Perks

  • Health insurance with 100% premium covered
  • Flexible vacation & paid time off
  • Equity plan
  • 401(k) plan with employer match
  • Free lunch and snacks
  • Dog-friendly workplace

Today, more than a million people around the globe use Squarespace to share different perspectives and experiences with the world. Not only do we embrace and celebrate the diversity of our customer base, but we also strive for the same in our employees. At Squarespace, we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.

Read Full Job Description

Technology we use

  • Engineering
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • ReactLibraries
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedshiftDatabases
    • KafkaDatabases

Location

Squarespace is headquartered in the West Village of Manhattan, within walking distance from the 1, A, C, E, B, D, F, and M trains.
8 Clarkson Street, New York, NY 10014

Insider's spotlight

What are some social events your company does?

In the past we've had trivia nights, talent shows, and video game tournaments. My background is actually in theatre, so amazingly had the opportunity of taking to the microphone and hosting some of the events here.

Jose Paz

Community Manager

What kinds of technical challenges do you and your team face?

Our team’s mission is to configure, integrate, automate, and report on all HR systems. This means we are constantly trying to do things no one has ever done before. Some of the challenges we regularly encounter are hacking together system integrations, implementing controls to ensure data integrity, and manual task automation for our users.

Paul

People Tech Manager

How has your career grown since starting at the company?

Before Squarespace, I had been in management consulting. Squarespace provided the opportunity to both transition into tech but also into a technical role as a Data Scientist on the Strategy team. I loved working across the business to develop insights and recommendations and then continue working with those teams to see our ideas brought to life.

Andie

Senior Data Scientist

What are some social events your company does?

The company holiday party is a pretty big social event. Each location has one and I’ve crashed three of the four parties in Ireland as well. At this point, if I don’t go to the Dublin holiday party, I might get messages asking if I’m okay.

Vishal

Team Lead, Product Support

What are Squarespace Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Game Room
Stocked Kitchen
Happy Hours
Pet Friendly
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
More Jobs at Squarespace48 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
HR
Marketing
Operations
Product
Project Mgmt
Content
Finance
new
Squarespace
Design + UX
new
Squarespace
Content
new
Squarespace
Finance
new
Squarespace
Finance
new
Squarespace
Design + UX
new
Squarespace
Design + UX
new
Squarespace
Design + UX
new
Squarespace
HR
new
Squarespace
Marketing
new
Squarespace
Data + Analytics
new
Squarespace
Marketing
new
Squarespace
Marketing
new
Squarespace
Finance
new
Squarespace
Project Mgmt
new
Squarespace
Finance
new
Squarespace
Product
new
Squarespace
Operations
new
Squarespace
Data + Analytics
new
Squarespace
Design + UX
new
Squarespace
Marketing
new
Squarespace
Marketing
new
Squarespace
Operations
new
Squarespace
HR
new
Squarespace
HR
new
Squarespace
HR
new
Squarespace
Product
new
Squarespace
Developer
new
Squarespace
Data + Analytics
new
Squarespace
Design + UX
new
Squarespace
Design + UX
new
Squarespace
Developer
new
Squarespace
Developer
new
Squarespace
Developer
new
Squarespace