As a Governance, Risk, and Governance Compliance Analyst at Vimeo, will support in educating, establishing, and maintaining Information Security Governance, Risk Management, and Compliance (GRC) workflows coordinate risk audit and risk compliance projects, as well as help maintain standards, policies, and policies that govern the information security program for the company.

You will also be a member of the security organization on the GRC team, and a guiding hand for organizational level initiatives such as security awareness and vulnerability assessment and management.

What you’ll do:

  • Enhance GRC’s capabilities such as cyber risk management, vendor security assessment, security training and communications, and our compliance program.
  • Establish processes to support the controls and ensure that information security risk impact assessments and risk mitigation strategies are implemented throughout the organization with a specific focus on ensuring proper implementation of product features.
  • Collaborate with cross-functional teams to design, implement, and maintain SSO integrations using Okta, ensuring seamless and secure access to various applications and services.
  • Facilitate the automated provisioning and synchronization of user identities across platforms and applications.
  • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact
  • Perform audits and risk assessments of Vimeo systems and vendors to understand privacy implications and make recommendations for vendor risk mitigation
  • Educate and mentor technical teams on identifying security risks to foster more secure products and services.
  • Establish continuous monitoring capabilities, report on key performance indicators, identify, track and monitor control exceptions and draft audit responses.
  • Must be able to build relationships with technology and business teams across the company.

Skills and knowledge you should possess:

  • 4-6 years of full-time work experience in audit, risk management, or identity access management. Experience in leading security assessments and risk assessments.
  • Technical architecture experience integrating identity management, access management and access governance software into clients’ infrastructure and applications
  • Experience configuring and managing Okta Identity Cloud, including SSO integrations, user provisioning, and authentication protocols (e.g., SAML, OAuth).
  • Advanced technical knowledge of cloud technology (AWS, GCP, Azure), security controls, database systems, network systems, auditing and compliance software and tools, and IT infrastructure.
  • Familiar with security compliance frameworks and requirements, e.g., SOC 1/2, HITRUST, FedRAMP, IRAP, PCI, ISO27001, NIST CSF
  • Highly motivated, strong work ethic, attention to detail, and organizational skills.
  • Thorough understanding of risk management principles and methodologies.
  • Ability to translate abstract and vague regulatory requirements into cohesive actionable compliance tasks.
  • Ability to collaborate in a team setting and moderate conversations involving cross-functional groups.

Targeted Base Salary Range: $105,300 to $160,500

Job Overview
Job alerts

Subscribe to our weekly job alerts below and never miss the latest jobs

Sign in

Sign Up

Forgotten Password

Job Quick Search