Cvent is an exciting, fast-growing tech company that provides industry-leading software to event professionals around the world. Our suite of services - online event registration, venue selection, mobile apps, email marketing, web surveys, and targeted hotel advertising opportunities - have positioned us a major player in the estimated $565 billion global meetings and events industry.
Cvent's rapidly growing information security organization is seeking to hire a Senior Security Analyst to join its Information Security Risk Management and Compliance team. The role will provide support for maturing and optimizing information security governance, risk management, and compliance capabilities across Cvent's expanding global footprint.
What You Will Be Doing
* Support implementation of strategic projects to further mature Cvent's information security governance, risk and compliance program leveraging knowledge and past experience working with industry security standards, such as ISO 27001:2013, PCI DSS and the NIST Cybersecurity Framework.
* Respond to security due diligence requests from customers to support sales and customer retention activities as well as global market expansion efforts.
* Conduct risk assessments across Cvent's business verticals and applicable third party vendors; partner with relevant stakeholders at various levels to produce deep insight into security risks and develop actionable risk treatment plans; monitor and support reporting on risk reduction activities.
* Support Cvent's annual security compliance and audit calendar that includes annual PCI DSS, SSAE 18/SOC 1, SOC 2 and ISO 27001:2013 audits as well as customer-initiated audits; conduct internal audits to ensure that compliance towards these standards is maintained.
* Support efforts to develop or continuously improve security controls, processes and procedures across Cvent, as necessary.
* Assist with maintenance of information security program documentation consisting of information security policies, standards, and guidelines, and coordinating management ratification of policies and standards at regular intervals.
* Build a culture of security across Cvent by contributing innovative enhancements to a global information security awareness program, including designing and delivering awareness campaigns across the company.
What You Need for this Position
* 6+ years of demonstrable experience in security risk and compliance, auditing and/or consulting teams in highly technical, fast-paced, global businesses.
* Strong individual leadership and interpersonal abilities geared towards getting things done, including experience communicating and developing partnerships at many levels of a technology-driven organization.
* Strong understanding of, and past implementation experience with, ISO 27001:2013, PCI DSS, and SSAE 18 SOC 1 / SOC 2 attestation standards, as well as global regulations relevant to information security and data protection, such as U.S. federal and state statutes, the EU General Data Protection Regulation, and PIPEDA.
* Experience performing information security assessments and compliance audits in the global high-tech industry; demonstrable and deep understanding of common security controls, processes and technical solutions to safeguard network, system, application and data in on-premise and cloud environments.
* Experience in developing information security policies, standards and other forms of information security program documentation.
* Excellent verbal, presentation and written communications skills and a team-focused attitude.
* Active information security or IT audit certifications, such as CISSP, CISA, CISM CRISC, or their equivalent.
Need more reasons to consider us? We offer competitive salary packages, an extensive benefits package for all full-time employees, including medical, dental, vision, semi-annual bonuses, 401K match, gym membership discounts and other great perks! If you would like to learn more about Cvent and our products, visit our website at www.cvent.com.
Skills & Requirements Qualifications