Senior GRC Specialist
Ping Identity - Burlington, MA
Apply NowJob Description
At Ping Identity, we're changing the way people think about enterprise security technology. With our innovative Identity Defined Security platform, we're helping to build a borderless world where people have total freedom to work wherever and however they want. Without friction. Without fear. We call this digital freedom. And it's not just something we provide our customers. It's something that drives our company. People don't come here to join a culture that's built on digital freedom. They come to cultivate it. We're headquartered in Denver, Colorado, and we have offices and employees around the globe. And we serve the largest, most demanding enterprises worldwide, including over half of the Fortune 100. Because even in the most complex enterprise environments, security shouldn't be a source of anxiety. It should be one of your greatest competitive advantages. As an analyst working in Ping's Denver office, you will develop an overall understanding and solid foundation in Information Security Governance, Risk and Compliance. You will work with essential players, performing and improving the current control environment, promoting security awareness and monitoring metrics to measure control effectiveness and other projects based on specialized plans. You will resolve security and process control problems along with analyzing several applications and networking software. You will also support answering any control environment or regulatory questions for Ping. You will help maintain standards and documentation. You will report to Ping's Manager of Security Governance, Risk, and Compliance. You will:Provide subject matter technical expertise on areas of security, privacy and regulatory compliance to support Ping Identity's interactions with customers while promoting assurance of Ping Identity's security and privacy program.Promote awareness of security and control issues among management and ensure sound principles are reflected in our vision and goals.Provide input to the company risk management process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and training materials).Complete security due diligence questionnaires for customers and prospects.Create external and customer-facing technical security and privacy compliance materials.Work with important players to determine compliance with regulatory and compliance requirements.Manage our audit of services and solutions and maintain adherence to compliance and regulatory frameworks, such as ISO 27001, SOC2, GDPR and CCPA.You have:Understanding of security controls at the systems, network, and application level and how to apply with cloud-based services.Experience applying risk management principles to security organizations.Experience with or a desire to automate processes.Experience with negotiating and reviewing contract terms and conditions, from an information security point of view, will be a differentiator.5+ years of experience working with risk assessments and security controls.2+ years of technical sales or field sales experience.Applicable certifications: CISSP, CISM, CISA Education Requirements:Bachelor's Degree in business or computer related field or equivalent experience Our Benefits:Open PTOParental LeaveFree Healthcare Option401(k) MatchGenerous Holiday ScheduleCommuter Offset (Denver only)Education Reimbursement Ping Identity is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. Salary offers will be based on the candidate's qualifications.#LI-Remote
Created: 2024-11-02