Overview
Full Time
Skills
Attention to detail
Information security governance
Risk management
PCI DSS
Risk assessment
Due diligence
Security controls
Computer science
Information security
ISO/IEC 27001:2005
Organizational skills
Problem solving
Cyber security
Network
Innovation
Teamwork
IBM Rational DOORS
SAFE
Brand
Regulatory Compliance
Operations
Leadership
Management
Auditing
Collaboration
FOCUS
National Institute of Standards and Technology
Communication
Analytical skill
CISSP
CISM
ISACA
Payment card industry
Agile
JIRA
IMPACT
Privacy
Job Details
About The Opportunity
We're all about connecting hungry diners with our network of over 300,000 restaurants nationwide. Innovative technology, user-friendly platforms and streamlined delivery capabilities set us apart and make us an industry leader in the world of online food ordering. When you join our team, you become part of a community that works together to innovate, solve problems, grow, work hard and have a ton of fun in the process!
Why Work For Us
Grubhub is a place where authentically fun culture meets innovation and teamwork. We believe in empowering people and opening doors for new opportunities. If you're looking for a place that values strong relationships, embraces diverse ideas-all while having fun together-Grubhub is the place for you!
Grubhub Security is charged to deliver tailored solutions which provides a safe and trustworthy experience for our users; consistently and reliably protects the brand; ensures total compliance with applicable laws and regulations and; fosters a healthy security culture. We are committed to maintaining the highest standards of security and compliance in all aspects of our operations. As we continue to grow, we are seeking a dedicated and experienced Senior Cybersecurity Analyst to join our team and lead our efforts in security governance, risk, and compliance.
About the role
The Senior Cybersecurity Analyst will be responsible for overseeing and managing our security governance, risk, and compliance initiatives. This role will play a crucial role in ensuring that our company adheres to industry best practices and regulatory requirements, particularly focusing on third-party risk management, security risk management, and achieving PCI-DSS 4.0 compliance. This role reports directly to the head of cybersecurity with direct line of sight to the executive leadership team.
Core responsibilities
Develop and implement a comprehensive third-party risk management program, including vendor risk assessments, due diligence, and ongoing monitoring. Establish and maintain a security risk management program to identify, assess, and mitigate security risks across the organization. Lead efforts to achieve PCI-DSS 4.0 compliance, ensuring that all necessary controls and processes are in place and effectively implemented. Conduct regular audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement. Collaborate with internal teams to ensure alignment of security initiatives with business objectives and priorities. Stay abreast of emerging threats, vulnerabilities, and regulatory changes, and recommend appropriate measures to address them. Provide regular reports and updates to senior management on the status of security governance, risk, and compliance initiatives. Understand technical implementation at the architecture level and propose technical alternatives when necessary. Ask questions that clarify priorities and push the team to be highly effective. Develop broad domain and technical knowledge.
Qualifications
Our Perks:
Grubhub is an equal opportunity employer. We welcome diversity and encourage a workplace that is just as diverse as the customers we serve. We evaluate qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. If you're applying for a job in the U.S. and need a reasonable accommodation for any part of the employment process, please send an email to and let us know the nature of your request and contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address.
If you are a resident of the State of California and would like a copy of our CA privacy notice, please email
We're all about connecting hungry diners with our network of over 300,000 restaurants nationwide. Innovative technology, user-friendly platforms and streamlined delivery capabilities set us apart and make us an industry leader in the world of online food ordering. When you join our team, you become part of a community that works together to innovate, solve problems, grow, work hard and have a ton of fun in the process!
Why Work For Us
Grubhub is a place where authentically fun culture meets innovation and teamwork. We believe in empowering people and opening doors for new opportunities. If you're looking for a place that values strong relationships, embraces diverse ideas-all while having fun together-Grubhub is the place for you!
Grubhub Security is charged to deliver tailored solutions which provides a safe and trustworthy experience for our users; consistently and reliably protects the brand; ensures total compliance with applicable laws and regulations and; fosters a healthy security culture. We are committed to maintaining the highest standards of security and compliance in all aspects of our operations. As we continue to grow, we are seeking a dedicated and experienced Senior Cybersecurity Analyst to join our team and lead our efforts in security governance, risk, and compliance.
About the role
The Senior Cybersecurity Analyst will be responsible for overseeing and managing our security governance, risk, and compliance initiatives. This role will play a crucial role in ensuring that our company adheres to industry best practices and regulatory requirements, particularly focusing on third-party risk management, security risk management, and achieving PCI-DSS 4.0 compliance. This role reports directly to the head of cybersecurity with direct line of sight to the executive leadership team.
Core responsibilities
Develop and implement a comprehensive third-party risk management program, including vendor risk assessments, due diligence, and ongoing monitoring. Establish and maintain a security risk management program to identify, assess, and mitigate security risks across the organization. Lead efforts to achieve PCI-DSS 4.0 compliance, ensuring that all necessary controls and processes are in place and effectively implemented. Conduct regular audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement. Collaborate with internal teams to ensure alignment of security initiatives with business objectives and priorities. Stay abreast of emerging threats, vulnerabilities, and regulatory changes, and recommend appropriate measures to address them. Provide regular reports and updates to senior management on the status of security governance, risk, and compliance initiatives. Understand technical implementation at the architecture level and propose technical alternatives when necessary. Ask questions that clarify priorities and push the team to be highly effective. Develop broad domain and technical knowledge.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field.
- 5 - 7 of experience in cybersecurity, with a focus on security governance, risk, and compliance.
- Strong understanding of industry standards and frameworks, such as ISO 27001, NIST Cybersecurity Framework, and PCI-DSS.
- Experience developing and implementing third-party risk management programs.
- Proven track record of leading compliance efforts and achieving regulatory certifications (e.g., PCI-DSS, GDPR).
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
- Strong organizational skills to juggle many tasks without losing sight of the highest priority items.
- Strong analytical and problem-solving abilities, with a keen attention to detail.
- Relevant certifications such as CISSP, CISM, CRISC, or PCI Professional (PCIP) are preferred.
- Knowledge of and experience with working in Agile environments + ceremonies and work management systems such as Jira.
Our Perks:
- Flexible PTO. Grubhub employees enjoy a generous amount of time to recharge.
- Health and Wellness. Excellent medical, dental and vision benefits, 401k matching, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.
- Compensation. You'll receive a highly-competitive compensation package with eligibility for generous incentives, bonuses, commission, and RSUs.
- Free Meals. Our employees get a weekly Grubhub credit to enjoy and support local restaurants.
- Social Impact. We believe in giving back through programs like the Grubhub Community Relief Fund, and provide our employees opportunities to support causes that are important to them.
Grubhub is an equal opportunity employer. We welcome diversity and encourage a workplace that is just as diverse as the customers we serve. We evaluate qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. If you're applying for a job in the U.S. and need a reasonable accommodation for any part of the employment process, please send an email to and let us know the nature of your request and contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address.
If you are a resident of the State of California and would like a copy of our CA privacy notice, please email