Security, Risk and Compliance Analyst (Dublin)
SurveyMonkey (NASDAQ: SVMK) is a leading global survey software company on a mission to power the curious. The company’s People Powered Data platform empowers over 17 million active users to measure and understand feedback from employees, customers, website and app users, and the market. SurveyMonkey’s products, enterprise solutions and integrations enable 335,000+ organizations to solve daily challenges, from delivering better customer experiences to increasing employee retention. With SurveyMonkey, organizations around the world can transform feedback into business intelligence that drives growth and innovation.
SurveyMonkey is a place where the curious come to grow. By embedding inclusion into our processes, policies, and culture, we are building a workplace for our 1,000+ employees across North America, Europe, and APAC where people of every background can thrive. We’ve won multiple awards and received recognition for our forward-looking policies, including extended parental and bereavement leave, vendor benefits standards, and Take 4 sabbaticals. SurveyMonkey was recognized by Great Place to Work® and FORTUNE as a top workplace in 2018 and 2019, and the company has also won numerous awards as a leader in global survey software, including being named among CNBC’s Disruptor 50 and the Forbes Cloud 100.
Over the past two years we’ve become a public company and expanded our platform with enterprise-grade features in privacy, security and compliance, putting SurveyMonkey on the path to rapidly expand our presence within the Fortune 500. We have ambitious goals to grow our international footprint as well, and every member of our troop plays a critical role in driving this growth and transformation. It’s an incredible time to join the company and be a part of our next chapter!
As a GRC Analyst, you will work closely with various teams across the organization (e.g., Legal, Engineering, IT Operations/Infrastructure) to maintain and enhance our security controls. You will be involved in a broad spectrum of initiatives, including Risk Management as well as policy and governance. You will also perform audits in support of compliance with HIPAA, ISO 27001, and PCI. You must be a strategic thinker and innovative problem solver, skilled in working across teams to accomplish various initiatives. Finally, you will be looked upon as a subject matter expert for compliance efforts and controls enhancements. Communication is of the utmost importance.
- Lead and complete high-quality security risk assessments across a diverse set of technologies and business functions through critical analysis
- Identify and report on new and emerging security risk and risk trends, including participating in risk remediation solution discussions and recommending updates to policy and standards
- Manage security compliance and certification initiatives such as PCI, HIPAA, and ISO 27001
- Provide ongoing PCI support to teams related to requirements definition, identifying opportunities for improvement and automation, and evidence collection
- Support company wide compliance programs that drive clarity, focus, and value to enhance user trust and security
- Coordinate user access reviews for critical systems across Surveymonkey
- Assist with and lead projects such as compliance audits, controls design, and sales support
- Effectively communicate across the organization, clearly articulate problems, timelines, and goals
- Embody a collaborative and consensus-driven approach to decision-making
- Able to coordinate programs and efforts across geographically dispersed teams
- Be a respectful, team-oriented contributor
- Perform internal audits and assessments to verify compliance with SurveyMonkey Security Policies, Standard, and Procedures
- 3-5 years of GRC-related experience
- Strong working knowledge of security standards and frameworks (e.g., ISO 27001/27017/270018/22301, NIST 800 series, COBIT, etc.) and regulatory/compliance requirements (e.g., GDPR, ISO, PCI-DSS, etc.)
- Experience developing Security Policy, Technical Standards, and Guidelines
- Must be able to communicate clearly and concisely with internal and external parties, building strong relationships with partner organizations
- Experience in the web services and technology industries, preferably in dynamic and fast changing environments
- Strong orientation toward problem solving and decision-making in an open and collaborative environment that will benefit the organization as a whole
- Excellent written and verbal communication skills
- Comfortable dealing with ambiguity and conflicting priorities
- Self motivated and directed
- Able to travel within Europe/United States upon short notice
At SurveyMonkey, we offer competitive salaries, medical/dental benefits, PTO, paid holidays and parental leave, and equity compensation.
SurveyMonkey is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.