Senior Analyst, Security Risk & Compliance

Overview :

Cvent's rapidly growing information security organization is seeking to hire a Senior Security Analyst to join its Information Security Risk Management and Compliance team.

The role will provide support for maturing and optimizing information security governance, risk management, and compliance capabilities across Cvent's expanding global footprint.

In This Role, You Will :

• Support day-to-day execution of security processes in areas related to perimeter and endpoint security, cloud security posture management, vulnerability management, security observability, and security operations
• Leverage skills and experience working with Infrastructure as code (IaC) pipelines to develop, manage solutions for continuous security auditing of the assets in AWS platform
• Innovate solutions and processes to automate workflows for Global Information Security efforts across enterprise / corporate IT and customer-facing product computing environments
• Continuously develop knowledge around new technologies in the industry and technologies adopted within Cvent to analyze risks and impact to the business
• Support efforts to develop or continuously improve security controls, processes and procedures across Cvent, as necessary.
• Support implementation of strategic projects to further mature Cvent's information security governance, risk and compliance program leveraging knowledge and past experience working with AWS and industry security standards, such as ISO 27001 : 2013, PCI DSS, SOC1, SOC2 and the NIST Cybersecurity Framework.
• Conduct risk assessments across Cvent's business verticals and applicable third party vendors; partner with relevant stakeholders at various levels to produce deep insight into security risks and develop actionable risk treatment plans;

monitor and support reporting on risk reduction activities.

Here's What You Need :

• 5+ years of demonstrable experience in security risk management, auditing and compliance, with a focus on supporting security risk assessments and security audit and compliance activities.
• 3+ years of experience of working on security design and implementation for AWS environments
• Good interpersonal communication skills with experience and confidence in collaborating with internal and external partners and stakeholders to develop productive relationships and achieve positive security risk management outcomes.
• Ability to learn quickly with a willingness to take ownership for new projects and learning new technologies and methodologies.
• Full understanding of industry standards for compliance such as ISO 27001 : 2013, PCI DSS, SSAE 18 SOC 1 / SOC 2 and SOX is desirable.
• Expertise on risk assessment methodologies and best practices.
• Ability and willingness to produce and maintain documentation and reports, specifically developing policies, standards, risk assessment reports, and other forms of Security Risk Management Program documentation.
• Excellent presentation and written communications skills and a team-focused attitude.
• Ability to keep up with an agile fast paced technology based work environment
• Possess or actively seeking information security or IT audit certifications, such as CISSP, CISA, CISM CRISC, or their equivalent.

Physical Demands

We are not able to offer sponsorship for this position.