Senior Security Analyst - GRC | Minnestar

SPS Commerce
06/15/2024

The Sr. Security Analyst serves as a member of the Security Governance, Risk, and Compliance team to maintain the confidentiality, integrity and availability of sensitive company information. Responsibilities include a diverse set of IT security subject areas such as: HIPAA and Sarbanes-Oxley (SOX) compliance, SOC2, ISO 27001k, risk management, incident response, business resiliency preparedness, PII data protection, and identity and access management. This role is expected to design and develop programs to improve security standards, processes, procedures and solutions and to transfer knowledge to other Security Team Member roles.

 

Does this sound like you?

  • You have a process improvement mindset and take pleasure in seeing how your contribution impacts the goals of the organization.
  • You are a self-starter who proactively identifies risks and have the tenacity to see remediation through completion.
  • You like working in a fast-paced and technology adept environment on a team that values positivity and collaboration.
  • You are a life long learner who enjoys rolling up their sleeves and solving problems.

 

Why join SPS?

 

We solve retail supply chain problems by cutting through inefficiency with innovation and automation. At SPS we empower retailers, suppliers, distributors, grocers, and logistics partners to work better together with our people, our process, and our tech products. We have the world’s largest retail network, and we don’t just lead the industry, we are the industry.

At SPS, we believe every employee makes a difference. We ensure employees have the tools, resources, and training to explore new ideas and execute them. Our success comes from playing as a team and always playing to win. Careers don’t just grow here, they’re made here.

 

What is the day-to-day like?

  • Collaborate with others to understand processes, procedures, applications, and technologies
  • Drive application and technology compliance with corporate and regulatory policies/standards, and industry best practices
  • Design and develop programs to improve security standards, processes, procedures and solutions; transfer knowledge to other security team members
  • Participate in project work; perform security specific project tasks; lead large work streams
  • Facilitate external and customer security audits and assessments
  • Drives issues management and risk treatment processes
  • Lead and coordinate the activities of others within nature and scope of IT Security
  • Position Reports to the Sr. Manager of Security; has no Direct Reports

 

What experience and skills do you need?

  • Bachelor’s Degree plus at least 5 years of relevant experience; Master’s degree plus at least 2 years of relevant experience; or equivalent combination of education and experience
  • Experience with planning, researching and developing security policies, standards and procedures, DR best practices
  • Experience with some common security frameworks such as ISO 27001, SOC 1 & 2, NIST CSF, CIS, HITRUST, NIST 800-53/171, CMMC, PCI, etc.
  • Experience working with vendors, auditors, assessors, 3rd party partners, affiliate and subsidiary organizations
  • Prior participation or responsibility for audits and assessments

 

Nice to haves?

  • One or more industry certification – CISSP, CISM, CISA, GIAC, CCSP,
  • Executing cyber program maturity assessments or maturity enhancement initiatives
  • Retail experience; working with technology and software
  • Strong business acumen – network, system or application design, implementation or support
  • System administration with experience across multiple platforms and applications

 

SPS Commerce offers a comprehensive package of benefits including health, dental, vision, disability, and life insurance, paid time-off, 401(k), health and flexible spending accounts, stock purchase plan and more.

 

** EOE including disability / veteran **

Job Type: Full-time
Compensation Type: Salaried
Location: Minneapolis
Posted by Markda Awada on May 31, 2024