Full-time
Security GRC Specialist - Hootsuite - Vancouver, BC

Who You Are…

We are seeking an experienced GRC professional to join the Security & Compliance team. You are an integral part of our technology group and will be responsible for ensuring adherence to our security and privacy requirements. You are a seasoned IT auditor with a solid information security foundation and are interested in programming to automate and deliver on these security and privacy mandates. You take a collaborative and innovative approach when evaluating the current state of our security and privacy posture, recommending options to deliver high-quality pragmatic solutions, or leading focused remediation efforts. Your background working in a fast-paced SaaS environment, your track record in performing control testing and readiness assessments, your use of automation and technology to solve or optimize compliance directives, and your commitment to building trust with key stakeholders will allow you to thrive in this role. You are a subject matter expert with various control frameworks and are results-driven in an ever-changing agile environment.

You're Great At...

- Project managing the compliance programs for various frameworks and leading interactions with external auditors
- Performing IT and operational testing to evaluate control effectiveness
- Conducting readiness assessments against NIST CSF/GDPR, and collaborating with cross-functional teams to implement controls, policies, and procedures as required
- Collaborating with cross-functional teams to monitor and remediate control deficiencies against established deliverables and timelines
- Evaluating and communicating control results, best practices, and risks to stakeholders
- Assisting with delivering information security, privacy, and risk training to applicable teams
- Assisting with reviewing customer sales agreements pertaining to Hootsuite's security and privacy practices, and responding to customer and vendor questionnaires
- Monitoring compliance with current and emerging laws, regulations, and standards

Qualifications...

- 4-6 years of experience in auditing IT and operational controls in a SaaS environment
- Knowledge and understanding of relevant legal and regulatory requirements (SOC 2, PCI DSS, ISO 27001/27002, FedRAMP, NIST 800-53, NIST CSF, and GDPR)
- Technical knowledge of information security best practices and the agile software development cycle
- Basic knowledge of high-level programming languages
- Strong oral and written skills, with the ability to understand technology sufficiently and communicate requirements in simple terms for key stakeholders
- Results-driven, with demonstrated leadership skills in mobilizing cross-functional teams to implement innovative, out-of-the-box solutions
- Proven ability to work successfully with limited supervision and within resource and timing constraints
- CISA, CISM, CRISC, or CISSP a plus

Hootsuite is an inclusive employer. Every effort will be made to provide accommodations requested by candidates taking part in all aspects of the selection process.
