Senior Security and Compliance Analyst
ABOUT THRIVE MARKET
Thrive Market was founded in 2014 with a mission to make healthy living easy and affordable for everyone. As an online, membership-based market, we deliver the highest quality healthy and sustainable products at member-only prices, while matching every paid membership with a free one for someone in need. Every day, we leverage innovative technology and member-first thinking to help our over 1,000,000+ members find better products, support better brands, and build a better world in the process. We recently reached a significant milestone by becoming a Certified B Corporation, making us the largest grocer to earn this coveted qualification.
The Role
Reporting to our VP of Tech Ops, the Security and Compliance Analyst will evaluate the design and effectiveness of IT controls based upon industry best-practice models in accordance with compliance requirements and provides a systematic, disciplined approach to the analysis of operational business and governance processes to conform to standards and regulations.
In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors, and other stakeholders.
Additionally, you will work on tasks as it relates to security operations. The analyst will also work closely with the IT team on security projects such as identity management, endpoint protection, and enterprise risk management.
RESPONSIBILITIES
- Assists in the analysis and definition of security requirements
- Assists with certifications and accreditation reviews, security test and evaluations, and drafting associated reports
- Coordinates compliance remediation activities and maintains an accurate list of open and close compliance issues for the organization
- Develop and maintain Information Security Policies, Standards, Procedures, and Guidelines
- Coordinates all internal and external audit events (SOX, PCI, NIST, Cyber), including discovery, sample delivery, management response, and remediation activities for all audits
- Conduct quarterly access control audit
- Implementation and the maintenance of Governance, Risk, and Compliance throughout the organization
- Perform vulnerability scans and fix detected vulnerabilities to maintain a high-security standard
- Assist in developing secure configuration standards and patch management procedures
- Promote a culture of security best practices within the organization.
- Work cross-functionally with other departments to provide security guidance on all projects which have a security impact on Thrive Market
QUALIFICATIONS
- Bachelor's degree in computer science or related field.
- 5+ years of experience in Information Security and/or Technology Risk Management
- Experience with PCI
- Demonstrates fundamental understanding of risk, IT and security controls, compliance, authentication, authorization, and accountability.
- Strong sense of integrity and ability to deal with issues and subject matter that requires considerable sensitivity, discretion, and judgment
- Experience with GRC Tools
- Basic knowledge of server and network security
- Experience with project management tools (JIRA preferred)
BELONG TO A BETTER COMPANY
- Comprehensive health benefits (medical, dental, vision, life, and disability)
- Dog-Friendly Office
- Competitive salary (DOE) + equity
- 401k plan
- Unlimited vacation
- Stocked kitchen in our Thrive Market Home Office with Thrive Market products
- Yoga, meditation, and other weekly events for mindfulness
- Coverage for Life Coaching & Therapy Sessions on our holistic mental health and well-being platform
- Free Thrive Market membership and discount on private label products
- Learning & Development Training programs through Udemy
- Casual atmosphere and great people to work with
We're a community of more than 1Million + members who are united by a singular belief: It should be easy to find better products, support better brands, make better choices, and build a better world in the process.
Thrive Market is an EOE/Veterans/Disabled/LGBTQ employer
At Thrive Market, our goal is to be a diverse and inclusive workplace that is representative, at all job levels, of the members we serve and the communities we operate in. We’re proud to be an inclusive company and an Equal Opportunity Employer and we prohibit discrimination and harassment of any kind. We believe that diversity and inclusion among our teammates are critical to our success as a company. We seek to recruit, develop, and retain the most talented people from diverse candidates. If you’re thinking about joining our team, we expect that you would agree!
If you need assistance or accommodation due to a disability, please contact us at (424) 291-9534 and we’ll be happy to assist you.
© Thrive Market 2021 All rights reserved.
#LI-MR1
#LI-DNI