SevenRooms is a guest experience platform that helps hospitality operators connect data across the guest journey. We enable operators to automatically drive revenue & profitability by leveraging data to build direct relationships, deliver exceptional experiences, and increase repeat business. Founded in 2011, SevenRooms is venture-backed by Amazon, Comcast Ventures and Providence Strategic Growth. We were included on Inc.‘s annual Best Workplaces & Forbes’ Best Startup Employers lists in 2020.
We are looking for a Senior Technology GRC Analyst to support the team in the development of IT policies, processes and controls around SevenRooms’ PCI compliance, SOC2 compliance and other technology risk management activities. You will assist the Security and Compliance team with expanding and building a leading information security practice to transform our information security capabilities and IT compliance posture. You will be joining a growing team of information security professionals and reporting directly to our Director, Security Compliance & Risk.
This role will require an execution-oriented and strong team player who can work across the organization to help manage our audit requirements, identify process improvements and lead themselves and others in project completion.What You’ll Do
- Compliance Management: Execute on our Technology GRC plan to ensure an effective internal control environment for PCI, SOC 2, ISO2700x and other regulatory requirements (e.g., GDPR, CCPA); Review, implement and maintain a GRC tool to drive a risk aware and compliant-centric organization
- Continuous Improvement: Coordinate and manage cross-functionally to assist business units in the development and implementation of remediation plans related to IT controls; Create and maintain internal control narratives, flowcharts and risk matrices.
- Technology Risk Management: Support the management in identifying key technology risks, forward thinking mitigation strategies and improvements to the business process.
- Policies and Procedures: Review and enhance IT security policies and procedure documents based on ISO2700x standards; Develop and maintain ITGC process flows, procedural documentation and effective compliance strategies for key applications in a complex SaaS environment.
- Internal Communication: Educate the IT organization on governance, risk and controls, and compliance concepts
- Vendor Risk Management: Coordinate with third parties/auditors for all matters related to PCI audits, SOC 2 audits, Vendor Security Reviews, and financial audits.
- 3 - 5 + years of relevant experience in the fields of Information Systems audit, IT Risk Assurance, Internal and/or External audit (Big 4 preferred)
- Experience working at a SaaS company preferred
- CISA, CISSP or equivalent Information Technology audit or security certifications are preferred
- Working knowledge of information security and computer networks, servers, database and SaaS technologies
- Experience working with GDPR, ISO2700x, ISO27017 and other regulations preferred
- Knowledge of the COSO 2013, COBIT and ITIL frameworks preferred
- Proven ability to lead self and others in executing discrete tasks and developing compliance strategies to drive effective results
- Proven ability to manage projects to conclusion, while collaborating with a diverse group of professionals from both technical and non-technical backgrounds
- Highly organized and detail-oriented, with strong analytical, problem solving, and critical thinking skills.
- Effective verbal and written communication skills with a proven ability to break down technical aspects of compliance into basic concepts
- Maintains updated knowledge of best practices in the field of technology risk management, compliance and data privacy
- Fair and equitable compensation: Our compensation packages are competitive based on external market data. At SevenRooms, you can expect fair pay for your hard work and dedication to helping us transform the hospitality industry. In addition, we also offer equity in our growing organization.
- Comprehensive benefits package: A full slate of benefits coverage including: medical, dental, vision, pre-tax commuter options, gym reimbursements, 401K, and unique memberships through One Medical and Perkspot.
- Flexible and independent working schedule: We offer unlimited vacation because we trust you to take the time you need to recharge and be your most productive self.
- Opportunities for training and professional development: Your manager will partner with you on establishing quarterly objectives that not only benefit the company but aid in your overall development as a leader in the industry.
SevenRooms is an equal opportunity workplace and an affirmative action employer. We welcome all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, or veteran status. We understand the importance of creating a more diverse and inclusive workplace and celebrate our employees for their differences.
View our Prospective Employee Privacy Notice by visiting https://bit.ly/3iUUpYK