Job added in hotlist
Applied job
Contract job
90-day-old-job
part-time-job
Recruiter job
Employer job
Expanded search
Apply online not available
Similar Jobs
Technical Program Manager – Internal Compliance
Oracle Corporation
Seattle, WA
Apply Now >
Compliance and Risk Manager
OppenheimerFunds Distributor, Inc
Seattle, WA
Apply Now >
Technical Program Manager, Compliance
Oracle Corporation
Seattle, WA
Apply Now >
SAP Concur - Risk and Compliance Analyst Job
SAP AG
Bellevue, WA
Apply Now >
SENIOR COMPLIANCE SPECIALIST
University of Washington, Bothell
Seattle, WA
Apply Now >
View more jobs in Seattle, WA
View more jobs in Washington

Job Details

Security Compliance Analyst

Company name
Groupon, Inc

Location
Seattle, WA

Apply for this job






6 hit(s)  

Profile

Are you ready to keep the data of 49 million global customers safe?Groupon\u2019s Information Security team is seeking an experienced security analyst with a strong background in audit or compliance to support Groupon\u2019s PCI Compliance initiatives.Your main responsibility is to take ownership of the support for our PCI environment which includes tracking the status of all PCI DSS issues on assigned projects and periodic tasks, troubleshooting security incidents, performing vulnerability management and remediation and update servers with critical patches. Additionally, you will be responsible for consulting internally in the testing and deployment of systems and networks to ensure a compliant infrastructure and proper management. You will handle SSL certificates and providing guidance around third-party vendor security reviews.Does this sound like you?Excellent verbal, interpersonal, and written communication skillsExcellent analytical, problem-solving and decision-making capabilitiesCan effectively work self-sufficiently across a geographically distributed team environment with integrityIs a results oriented, high energy person who takes pride in their workProfessional Skills & ResponsibilitiesWork and assist with various PCI Teams as an information security expert on projects and offers council regarding the intent of PCI requirementsAssist in handling PCI Discovery\/Gap Analysis initiatives and coordinate with various functional groups to resolve PCI compliance status for assigned clientsAssist during the audit to manage the process of providing all requested evidence during our PCI assessmentsWork with global security team members leadership to ensure security best practices are identified and integrated into all facets of projects including network, system designs\/configuration, and implementationsAbility to work with multiple teams and partners to handle vulnerabilities and fix issues efficientlyAssist in documenting standards, processes, and procedures for incident response, security systems, and tools as neededCreate, review and update architectural and network diagramsSoftware patching and vulnerability remediation - Maintain client management tool for patching. Research, run, and audit application, workstation, and server patches on a monthly basisAssist in monitoring and support security software\/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to: endpoint security (anti-malware, encryption), IDS\/IPS (Host\/Network\/Wireless), log management\/correlation, firewall reviews, Application Whitelisting, etc.Keep us ahead of the curve by identifying and recommending changes to policies and procedures to mitigate key security risksSupport various security technologies, including vulnerability scanning, multi-factor authentication systems, network and perimeter monitoring, and the systems related to log and event information, alerts, and connections of systems providing logs and alertsApprove, support, and troubleshoot TLS Certificates and installation.Provides risk guidance for IT projects and recommendations for controls relating to third party management.Isolate and resolve incident tickets related to security systems.Identify areas where existing security architecture requires improvement and develop proposals, processes and implementation plansProvide technical and operational security support to Engineering, Legal, and various business unitsQualifications\/Requirements:4 years job related experience in compliance or technical engineering fieldHas worked in a regulated environment, preferably dealing with PCI, SOX or other federally regulated examinations Demonstrated expertise managing a compliance project and effectively managing stakeholdersAbility to work in an Agile development environment Ability to develop a detailed estimates of the level of effort required and create a project plan for the deliverable objectiveTrack, manage, and adjust the original plan as necessary to ensure successInformation Security Certification(s) with demonstrated work experience preferred. Desired certifications include: CISA, CISP, PCI, PMP (a plus)Knowledge and familiarity related to administering and securing OSX and Linux operating systems, database platforms, endpoint security and network infrastructure is preferred.Experience with best practices related to network architecture & security controls (Routers, Firewalls, networking protocols, etc)Ability to recognize\/analyze\/and document deficiencies and articulate those deficiencies to both technical and non-technical key management personnel.Experience using a risk-based audit approach in evaluations of and recommendations for management processesDiligent in coordinating and executing processes and proceduresAn understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standardsExperience using with open-source software and command line utilitiesExperience with vulnerability management and penetration testing tools such as Rapid7, Tenable, etc.An understanding of IDS\/IPS software such as CloudPassage, OSSEC, etc.Be able to participate effectively in an on-call rotationUnderstanding of policy and procedure developmentDemonstrated track record staying up to date with industry information security and compliance knowledgeAbility to perform workstation and server patching

Company info

Groupon, Inc
Website : http://www.groupon.com

Company Profile
Groupon's mission is to become the world's commerce operating system. By connecting buyers and sellers through price and discovery, we have the opportunity to become one of the world's essential companies, a daily habit for our customers and merchant partners.

Similar Jobs:
Compliance Officer - Debt Collection
Location : Bothell, WA
Compliance Officer - Debt Collection','54096','!*!Join our growing company and take your career to the next level! This role leads the compliance program at I.Q. Data International, Inc., a third-party debt collection agency, i...
Business Analyst, DOT Compliance
Location : Seattle, WA
Job DescriptionBusiness Analyst - DOT ComplianceImagine being able to build the Earth\u2019s most customer-centric company\u2026in an organization that delivers a smile to millions of people every single day\u2026and on a team tha...
At CBRE, you are empowered to take your career path into your own hands. Enjoy workplace flexibility in a global organization with tremendous scale. Work in an inclusive and collaborative environment with supportive teammates. Co...
I found a new job! Thanks for your help.
Thomas B - ,
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
ComplianceCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
ComplianceCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2018 ComplianceCrossing - All rights reserved. 21