Red Ventures is seeking two Senior Security Analysts to join our growing Cyber Security team. In this role, we’re looking for that perfect person who is passionate about IT and the myriad of IT standards and guidelines that large successful company should follow. If you enjoy using IT acronyms as part of your normal conversation, you may be a great candidate for this position. You will have broad latitude to work independently and coordinate and interact with a broad group of bright and energetic people throughout the company.
In this role, you will work closely with our business, legal, security, and technology teams to identify, measure and report on technology risk. You will work to ensure compliance with US and International laws, rules, standards, and contractual obligations.
Continuously identify, assess, measure and monitor information technology risk by performing hands-on risk assessments.
Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation.
Work with technology and business teams to develop and document risk mitigation action plans, along with recommendations to reduce information security risk within their areas.
Manage the remediation of security assessment findings and recommendations.
Maintain an up-to-date understanding of emerging trends in information security risks; applies new techniques and trends, in-line with overall information security objectives and risk tolerance.
Test information security controls, across multiple business processes and/or locations, ensuring implementation techniques meet the intent of organizational compliance frameworks and security requirements
Assist with vendor assessments for evaluations and tracking of risk changes.
Assist with enterprise vulnerability management efforts and calculate the current and residual risk.
Assist with the development of a risk metrics and reporting framework.
Assist in the development of the company's security program, policies, and standards.
Assist with the development and implementation of security awareness programs.
DESIRED QUALIFICATIONS, SKILLS AND EXPERIENCE
5-7 years conducting IT risk and compliance assessments.
2-4 years evaluating compliance with regulatory and key IT Standards such as SOC2, ISO 27001, PCI DSS, GDPR, HIPAA/HITECH, NIST, CSA/CCM and similar.
Fundamental understanding of Cloud environments and DevOps security compliance.
Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner.
Ability to understand information security and network risks, with strong technical background and knowledge of Information Technology and security, including Linux, Windows and networking environments
Experience in internal or external audit in the IT risk and compliance space
Excellent written and verbal communication skills; must be able to interface with all levels of the organization.
Current information security certifications such as CISM, CRISC, CISSP preferred.
Open-minded, adaptable and passionate about learning
Self-starter with the ability to manage their own tasks into a larger project or program effort.
Ability to respond in kind to and appreciate the puns offered by the CISO
About Red Ventures
Red Ventures is a leading digital consumer choice platform. Through deeply integrated brand partnerships and consumer-facing assets, Red Ventures connects online customers with products and services in the home services, financial services, and healthcare industries. We use advanced analytics, data science, and integrated technology to cultivate and customize digital connections between brands and customers. We marry the speed of a start-up, the DNA of a digital agency, the strategic thinking of a consultancy, and the analytical skills of a big data company. Red Ventures is headquartered in Charlotte, NC and has more than 3,500 employees in offices across the US as well as in Brazil and London.