Tinder brings people together. With tens of millions of users, hundreds of millions of downloads, 2 billion swipes per day, 20 million matches per day and a presence in every country on earth, our reach is expansive and rapidly growing. Your work here can change the world! The Information Security & GRC team keeps our data and intellectual property secure from all internal and external threats, both human and technological.
About The Role
We are looking for a proactive GRC professional who understands the challenges of a modern Information Technology environment and is able to collaborate efficiently with various teams and external vendors to implement strong security and data governance controls. This person would help us develop, design and execute our Information Security priorities, compliance and Data Governance program.
What You’ll Do:
- Partner within Tinder's GRC team to design, develop, maintain, and improve compliance programs to ensure technology and business processes meet compliance requirements: SOX, PCI-DSS, ISO 27001, etc.
- Implement the development and oversight of required corrective action plans relating to security compliance issues
- Perform annual security risk assessments and prepare risk treatment plans
- Conduct vendor security assessments to assess risks and evaluate security postures of new and existing third-party vendors/suppliers
- Collaborate on Business Impact Assessments (BIA) and annual BCP/DR activities
- Partner with internal teams to ensure alignment with compliance requirements as well as Tinder’s security program
- Assist in the development and maintenance of company-wide security policies, procedures, and plans, and support communication to internal stakeholders regarding security and compliance best practices around applicable laws, regulations, and controls
- Contribute to our Security Awareness program. Coordinate and deliver internal security and privacy training.
What You’ll Need:
- 3-5 years experience in information security compliance or IT audit, preferably supporting compliance/audit programs within the technology space
- 2+ years experience in security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
- Extensive security control auditing or implementation experience. SOC 2, ISO 27001, ISO 27018, ISO 27701, PCI-DSS auditing or implementation experience.
- Experience working with internal and external auditors
- Understanding of security risk management
- Experience developing security policies and procedures as it pertains to Information Security and IT risk
- Technical, analytical, and interpersonal skills
- Outstanding attention to detail with excellent written and verbal communication skills.
Nice To Have:
- Experience assessing security risk for large scale organizations
- Exposure to AWS, Azure, and/or GCP
- Project management skills
- Certifications in one or more of the following areas preferred: CISSP, CISA, CRISC, CISM, GIAC/GSEC, CIPP.
As part of our team, you’ll enjoy:
• Working on a product that has an immediate impact on people’s lives all around the world
• Collaborating with a team of creative, fun and driven colleagues
• Comprehensive health coverage, competitive salary, 401(k) employer match
• Other perks and wellness benefits like a fitness membership subsidy, paid concierge medical membership, pet insurance offerings, and a commuter subsidy
• Access to mental health resources
• Fertility preservation benefits
• No Meeting Wednesdays, an annual Learning + Development stipend, and access to a wide range of product and service discounts through Perkspot
• Charitable donations match up to $15,000 annually
• Monthly and weekly interactive virtual events including Book Club, trivia with prizes and yoga workouts
• The opportunity to join six active Employee Resource Groups (ERGs)
At Tinder, we don’t just accept difference — we celebrate it, we support it, and we thrive on it for the benefit of our employees, our product, and our community. We strive to make our workplace an inclusive and diverse environment, giving people from all walks of life the opportunity to have a voice. We champion and encourage those who bring different perspectives, ideas, and creativity to join our team dedicated to bringing people together across the globe. Tinder is proud to be an equal opportunity workplace where we welcome all people regardless of sex, gender identity, race, ethnicity, disability, or other lived experience.