We’re looking for a Security GRC Specialist to help us ensure adherence to our security and privacy requirements. You are a seasoned IT auditor with a solid information security foundation and are interested in programming to automate and deliver on these security and privacy mandates. You are a subject matter expert in various control frameworks and are results-driven in an ever-changing agile environment. While based in Hootsuite’s Vancouver office, you will report to the Director, Information Security.
WHAT YOU’LL DO:
- Project manage the compliance programs for various frameworks and lead interactions with external auditors
- Perform IT and operational testing to evaluate control effectiveness
- Conduct readiness assessments against NIST CSF/GDPR, and collaborate with cross-functional teams to implement controls, policies, and procedures as required
- Collaborate with cross-functional teams to monitor and remediate control deficiencies against established deliverables and timelines
- Evaluate and communicate control results, best practices, and risks to stakeholders
- Assist with delivering information security, privacy, and risk training to applicable teams
- Assist with reviewing customer sales agreements pertaining to Hootsuite’s security and privacy practices, and responding to customer and vendor questionnaires
- Monitor compliance with current and emerging laws, regulations, and standards
WHAT YOU’LL NEED:
- 4-6 years of experience in auditing IT and operational controls in a SaaS environment
- Knowledge and understanding of relevant legal and regulatory requirements (SOC 2, PCI DSS, ISO 27001/27002, FedRAMP, NIST 800-53, NIST CSF, and GDPR)
- Technical knowledge of information security best practices and the agile software development cycle
- Basic knowledge of high-level programming languages
- Open Communication: clearly conveys thoughts, both in writing and verbally, listening attentively and asking questions for clarification and understanding
- Commitment to Results: consistently achieves results, demonstrating high performance, and challenging self and others to deliver results
- Creativity and Innovation: seeks new and better ways of doing things, generates original and imaginative ideas, products, or solutions
- Priority Setting: focuses time/energy on the most important issues/opportunities. Clearly understands how to assess the importance of tasks and decisions
- Collaboration and Teamwork: works with others to deliver results, meaningfully contributing to the team and prioritizing group needs over individual needs
- CISA, CISM, CRISC, or CISSP a plus.
WHO YOU ARE:
- Tenacious. You are determined to succeed, and you are motivated by the success of customers, colleagues and the community.
- Curious. You are always learning and seeking ways to make things better.
- Conscientious. You keep your promises, taking your commitments to others seriously, and you have strong integrity.
- Humble. You lead with humility and empathy, respecting and learning from the perspectives of others.
Share our values: We champion the power of human connection. We’re united globally by our shared values of innovation, grit, humility, and passion for customer success.
Make an impact: Working at the speed of social, we create value for our customers by delivering solutions that power relationships at scale. Our pace of work enables fast learning and fosters an environment where you can stretch yourself and make an impact.
Learn and grow: We’re committed to growing the capabilities of our people. We are building a learning community where you can work with diverse individuals, explore new ways of thinking, and expand your capabilities. Our employees are teachers and learners who work out loud and share their knowledge to enhance each other’s growth.
We are dedicated to building a diverse community, one where employees feel a sense of belonging, and are valued for their contributions and the perspectives they bring. Our purpose is to champion the power of human connection and the heart of connection is inclusion. You belong here.
Accommodations will be provided as requested by candidates taking part in all aspects of the selection process.
About us: Hootsuite is the most widely used social media management platform. We have 15+ million customers and are recognized as a leader in social media management by Forrester, one of the most influential research and advisory firms in the world. Our battle-tested technology, extensive ecosystem, and social DNA help organizations create human connections at scale.