Security Analyst
New York City, NY

Job Description

Greenhouse is looking for a Security Analyst to join our team.

Working in tandem with our Director of Security, you will be on the front lines, acting as a proponent of our Governance, Risk and Compliance (GRC) program. With the ever growing threat in the cybersecurity landscape, we are searching for someone who wants to bolster our GRC program by crafting controls and implementing more than just industry standards across the organization. You will have the ability to foster relationships with a variety of teams and expand your impact outside of the general information security functions.

Learn more about our engineering culture here. Who will love this job:

* An effective communicator, you are able to convey concepts clearly and effectively to technical and non-technical individuals
* A security minded individual, you want to be at the forefront of protecting Greenhouse from ongoing cyber threats from the outside world
* A detail oriented individual, you hone in on the details and have a penchant for adhering to guidelines
* A self starter, you take initiative and navigate through tasks on your own, but aren't afraid to ask for help when necessary

What you'll do:

* Partner with the Security team to conduct risk assessments and treatments.
* Implement and uphold controls to grow and elevate the GRC (Governance, Risk and Compliance) program.
* Support and monitor biannual internal and external audits.
* Update existing security and compliance policies.
* Uncover new frameworks and promote security awareness throughout the organization.
* Build relationships with Greenhouse's business partners to track risks, support internal systems and assess changes to the environment.

You should have:

* Familiarity with ISO 27001/27002/SOC 2 and their associated common controls
* A basic understanding of cloud computing concepts (PaaS, IaaS, and SaaS)
* Knowledge of Information Security Risk Management principles
* An understanding of physical access control systems
* Familiarity with SDLC principles
* Experience with GRC tools (RSA Archer, Zen GRC, Apptega, etc.)
* Experience with change management tools (Jira, GitHub, etc.), nice to have
* Certified Information Security Auditor (CISA) certification, nice to have
* Your own unique talents! If you don't meet 100% of the qualifications outlined above, tell us why you'd be a great fit for this role in your cover letter

Pay, Perks & Such:

At Greenhouse, we love to celebrate our diverse group of hardworking employees - and it shows. We're proud to say that in 2018, we've been ranked #2 by Crain's New York Best Places to Work, #10 Best Company Culture to work for by Comparably, #37 Best Place to Work by Glassdoor and are recognized on Inc. Magazine's Best Workplaces list. We pride ourselves on our collaborative culture that is pervasive throughout every step of a Greenhouse employee's journey. Starting with our interviews and continuing through our executive "Ask Me Anything" sessions, collaboration is at the heart of working at Greenhouse.

We offer a full slate of benefits including competitive salaries, stock options, medical, dental, vision, life and disability coverages, FSA, HSA, flexible vacation, commuter benefits, a 401(k) plan and a parental leave program. And... we offer some not-so-standard, extra-fun benefits, including learning & development stipends, adoption and fertility benefits, an employee discount platform, and of course, fully stocked fridges and cold brew on tap. :)

We value diversity and believe forming teams in which everyone can be their authentic self is key to our success. We encourage people from underrepresented backgrounds and different industries to apply. Come join us, and find out what the best work of your career could look like here at Greenhouse.