Oh Snap!
This job is no longer active - but you can still view the details below.

Security Compliance Analyst

| Chicago

Groupon’s Information Security team is seeking an experienced Security analyst with a strong background in audit or compliance to support Groupon’s PCI Compliance initiatives.

 

The primary responsibility of this position is to provide technical and operational support for Groupon’s PCI environment which includes tracking the status of all PCI DSS issues on assigned projects and periodic tasks, troubleshooting security incidents, performing vulnerability management and remediation and update servers with critical patches. Additional responsibilities will include to consult internally in the testing and deployment of systems and networks to ensure a compliant infrastructure and proper management.

 

Further, this position will be responsible for managing SSL certificates and providing guidance around third party vendor security reviews.

 

Responsibilities:

●      Work and assist with various PCI Teams as a Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of PCI requirements

●      Assist in managing PCI Discovery/Gap Analysis initiatives and coordinate with various functional groups to determine PCI compliance status for assigned clients

●      Assist during the audit to manage the process of providing all requested evidence during our PCI assessments

●      Work with global security team members leadership to ensure security best practices are identified and integrated into all facets of projects including network, system designs/configuration, and implementations

●      Ability to work cross-functionally with multiple teams and stakeholders to manage vulnerabilities and fix issues efficiently

●      Assist in documenting standards, processes, and procedures for incident response, security systems, and tools as needed

●      Create, review and update architectural and network diagrams

●      Software patching and vulnerability remediation - Maintain client management tool for patching. Research, manage, and audit application, workstation, and server patches on a monthly basis

●      Assist in monitoring and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to: endpoint security (anti-malware, encryption), IDS/IPS (Host/Network/Wireless), log management/correlation, firewall reviews, Application Whitelisting, etc.

●      Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks.

●      Support numerous security technologies, including vulnerability scanning, multi-factor authentication systems, network and perimeter monitoring, and the systems related to log and event information, alerts, and connections of systems providing logs and alerts

●      Approve, support, and troubleshoot TLS Certificates and installation.

●      Provides risk guidance for IT projects and recommendations for controls relating to third party management.

●      Isolate and resolve escalated incident tickets related to security systems.

●      Identify areas where existing security architecture requires improvement and develop proposals, processes and implementation plans

●      Provide technical and operational security support to Engineering, Legal, and various business units

 

 

Qualifications:

 

●      A minimum of 4+ years job related experience in compliance or technical engineering field

●      Has worked in a regulated environment, preferably dealing with PCI, SOX or other federally regulated examinations

●      Demonstrated expertise managing a compliance project and effectively managing stakeholders

●      Ability to work in an Agile development environment

●      Ability to develop a detailed estimates of the level of effort required and creaate a project plan for the deliverable objective

●      Track, manage, and adjust the original plan as necessary to ensure success

●      Information Security Certification(s) with demonstrated work experience preferred. Desired certifications include: CISA, CISP, PCI, PMP (a plus)

●      Knowledge and familiarity related to administering and securing OSX and Linux operating systems, database platforms, endpoint security and network infrastructure is preferred.

●      Experience with best practices related to network architecture & security controls (Routers, Firewalls, networking protocols, etc)

●      Ability to recognize/analyze/and document deficiencies and articulate those deficiencies to both technical and non-technical key management personnel.

●      Experience using a risk-based audit approach in evaluations of and recommendations for management processes

●      Diligent in coordinating and executing processes and procedures

●      An understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards

●      Experience using with open-source software and command line utilities

●      Experience with vulnerability management and penetration testing tools such as Rapid7, Tenable, etc.

●      An understanding of IDS/IPS software such as CloudPassage, OSSEC, etc.

●      Be able to participate effectively in an on-call rotation

●      Understanding of policy and procedure development

●      Demonstrated track record staying up to date with industry information security and compliance knowledge

Ability to perform workstation

Groupon provides a global marketplace where people can buy just about anything, anywhere, anytime. We’re enabling real-time commerce across an expanding range of categories including local businesses, travel destinations, consumer products, and live or lively events. At the same time, we are providing advertising options and tools that merchants can use to grow and manage their businesses. Culturally, we believe that great people make great companies and that starting with the customer and working backward moves us forward. Community matters to us on an internal, local and global scale—it’s fundamental to our company’s growth and to the well-being of the world at large. We also value self-awareness, candor, lunch and WiFi. If we match with you, please apply to join us.

Read Full Job Description
Apply now
loading ...
Emailed

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C#Languages
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RubyLanguages
    • FluxLibraries
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • Ember.jsFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • AccessDatabases
    • HiveDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • TeradataDatabases
    • IllustratorDesign
    • PhotoshopDesign
    • BasecampManagement
    • JIRAManagement
    • SalesforceCRM

Location

Our headquarters is nestled alongside the Chicago River in the bustling River North neighborhood, close to both blue and brown line CTA trains.

An Insider's view of Groupon

How would you describe the company’s work-life balance?

Groupon provides an environment where I can strive for maximum work-life effectiveness, room for growth, and there is always something new to do. I enjoy spending lots of time at work because I love what I do; the hours are not burdensome, Groupon fits me. I define success in my own terms & Groupon provides us with the flexibility to be successful.

Milan

Senior Manager of Operations

What kinds of technical challenges do you and your team face?

We are working on arriving at the optimal attribution models across different areas of our business. For example, the attribution of a purchase to a specific experience — a home page feature, an email, a push notification — likely has a different window of time where we can reasonably say a specific purchase is a result of a specific experience.

Kristi

Data Scientist

How has your career grown since starting at the company?

Here at Groupon, what you do matters. I got my start at Groupon as an intern and have had the opportunity in the past (almost) 5 years to build out a global volunteer program that has engaged over 5,000 employees in over 63,000 hours of service supporting the work of close to 650 nonprofit organizations.

Alicia

Program Manager, Employee & Community Engagement

What projects are you most excited about?

Recently, we committed to having 100% of our job descriptions reviewed for gender balance by the end of 2018. Also for 2018, work will continue with our Employee Resource Groups, who play a pivotal part in the attraction and selection of diverse top talent, and themselves can be developed and promoted into company leaders.

Carlos

Head of Diversity Recruitment

What are Groupon Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Perks & Discounts
Casual Dress
Commuter Benefits
Game Room
Recreational Clubs

Additional Perks + Benefits

Fitness benefits. Free office shuttles. Paid parental and family leave. Comprehensive sales training program. Sense of joy. Onsite cafes. Unlimited Routine Time Off (RTO). Flexible spending accounts. Life & AD&D insurance. 401(k). Disability coverage.

More Jobs at Groupon63 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Content
Data + Analytics
new
Chicago
Operations
new
Chicago
Finance
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Marketing
new
Chicago
Finance
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Content
new
Chicago
Data + Analytics
new
Chicago
Operations
new
Chicago
Project Mgmt
new
Chicago
HR
new
Chicago
Marketing
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Marketing
new
Chicago
Project Mgmt
new
Chicago
Product
new
Chicago
Data + Analytics
new
Chicago
Operations
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Project Mgmt
new
Chicago
Operations
new
Chicago
Data + Analytics
new
Chicago
Developer
new
Chicago
Data + Analytics
new
Chicago