SurveyMonkey (NASDAQ: SVMK) is a leading global survey software company on a mission to power the curious. The company’s People Powered Data platform empowers over 17 million active users to measure and understand feedback from employees, customers, website and app users, and the market. SurveyMonkey’s products, enterprise solutions and integrations enable 350,000+ organizations to solve daily challenges, from delivering better customer experiences to increasing employee retention. With SurveyMonkey, organizations around the world can transform feedback into business intelligence that drives growth and innovation.
SurveyMonkey is a place where the curious come to grow. By embedding inclusion into our processes, policies, and culture, we are building a workplace for our 1,000+ employees across North America, Europe, and APAC where people of every background can thrive. We’ve won multiple awards and received recognition for our forward-looking policies, including extended parental and bereavement leave, vendor benefits standards, and Take 4 sabbaticals. SurveyMonkey was recognized by Great Place to Work® and FORTUNE as a top workplace in 2018 and 2019, and the company has also won numerous awards as a leader in global survey software, including being named among CNBC’s Disruptor 50 and the Forbes Cloud 100.
Over the past two years we’ve become a public company and expanded our platform with enterprise-grade features in privacy, security and compliance, putting SurveyMonkey on the path to rapidly expand our presence within the Fortune 500. We have ambitious goals to grow our international footprint as well, and every member of our troop plays a critical role in driving this growth and transformation. It’s an incredible time to join the company and be a part of our next chapter!
The ideal candidate works in the Governance, Risk Management and Compliance team, which is within the Trust & Security Organization and is responsible for supporting the maintenance and continuous improvement of the company’s Risk and Compliance program.
- Work with the development and maintenance of Technical Standards, and Guidelines
- Perform internal audits and assessments to verify compliance with SurveyMonkey Security Policies, Standard, and Procedures
- Review PCI compliance posture
- Conduct risk assessments and due diligence of third-party vendors
- Support ongoing security compliance and certification initiatives (e.g., PCI, HIPAA, ISO 27001, GDPR)
- At least 2 years demonstrated experience information security, privacy, or a data protection or assurance-related function.
- Experience performing third-party risk assessments and vendor risk evaluations
- Experience with developing technical standard, and operational guidelines
- Experience conducting assessment, reporting and remediation projects supporting policy and regulatory mandates (e.g. ISO27001, GDPR, PCI-DSS, SOX, HIPAA).
- Experience providing guidance to information and system owners, and functional leadership regarding internal control gaps and assisting management in defining and prioritizing timely remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented.
- Fundamental technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.
- Due to 24x7x365 operation, must be willing to be available for off-hours work
- CISPP, CISA, GIAC or other security related certification
- B.S. or M.S. in Information Security, Computer Science, or equivalent experiences
At SurveyMonkey, we offer competitive salaries, medical/dental benefits, PTO, pension benefits and equity compensation.
SurveyMonkey is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.