Sr. Governance, Risk & Compliance Analyst

Looking for an innovative, high-growth company in one of the hottest segments of the security market? Look no further than Veracode!

Veracode is recognized as a premier provider of SaaS-based application security solutions, transforming the way companies secure applications in today’s software-driven world. We provide our customers with a solid foundation on which to build security into their modern agile development processes. Learn more about us at www.veracode.com!

Key Aspects of the Role:

Responsibilities: 

  • Coordinate auditing activities of Veracode’s compliance program, which includes, but is not limited to, controls that meet SOC 2 Type 2, ISO 27001 family, NIST 800-53, FedRAMP, GDPR, Third-party Risk Management, Data Privacy and Business Continuity.
  • Provide education to IT Control owners focusing on demonstration of compliance requirements and share hot topics in SOC 2 Type 2, ISO 27001 family, NIST 800-53, FedRAMP, GDPR, Third-party Risk Management, Data Privacy and Business Continuity.
  • Select and monitor compliance with Security and Privacy awareness training. 
  • Interface with Information Security, Legal, Procurement and business owners in the assessment of prospective and current vendors as part of Veracode’s Vendor Management Program. 
  • Participate in the identification, mitigation & quantification of corporate IT risks. 
  • Participate in implementing disaster recovery (DR) & Business Contingency Planning (BCP) practices.
  • Participate in Access Reviews of key systems to ensure appropriate access. 
  • Act as a subject matter expert ensuring internal controls are properly designed and implemented. 
  • Collaborate with and facilitate, as applicable, the Company’s ongoing audit and risk assessment processes between internal/external auditors and the internal team owners and stakeholders.
  • Coordinate IT compliance with customer, partner, and government requirements. 
  • Provide timely updates to Compliance Manager and CISO that communicate status, trends, and action plans of various compliance initiatives. 
  • Partner with Sales department to provide IT technical & compliance responses to customer due diligence requests. 
  • Support Veracode’s CISO in the monitoring of information security and reporting of status to the Company’s Board of Directors. 
  • Use data to drive decisions and KPIs to demonstrate performance. 

Qualifications: 

  • Minimum 3-5 years in an IT Risk and Compliance role. 
  • Experience implementing, operating, or knowledge of a SOC 2 Type II, NIST 800-53, ISO 27001/2, and/or FedRAMP Moderate environment. 
  • Experience assessing vendors from a security risk perspective and pushing recommendations to management. 
  • Preferred: Holds certifications in IT security, privacy, or other related areas (CISA, CRISC, CISSP, CIPP).
  • Excellent communication, problem solving, conflict / resolution management, active listening, time management, and interpersonal skills. 
  • Ability to work and drive results independently and collaboratively. 
  • Ability to learn and adapt quickly. 
  • Vibrant and energetic attitude, willingness to perform and get results. 

What we offer you: 

  • Outstanding Medical, Dental, and Vision Coverage to meet all your healthcare needs. 
  • Wellness benefits to help you focus on what’s most important.
  • “Take What You Need” time off policy.
  • Extensive development and training offerings to help you grow your career at Veracode.
  • Generous 401k match to help save for your future.
  • Amazing community of professionals who take pride in what we do every day.
