Information Security Risk Analyst

| Chicago

 

Groupon’s Information Security team is seeking an experienced Security Risk Analyst to assist in analyzing Groupon’s risk environment relative to third parties and internal services and assisting in recommending measures to safeguard valuable information assets and document key information and capabilities of third parties. The position is responsible for executing a portion of the Cybersecurity program designed to advise the organization on its management of third-party cybersecurity risk.

 

This involves an understanding of Groupon’s business requirements and a thorough understanding of regulatory requirements (such as GDPR,PCI) for both outsourced providers and internally developed solutions and how best to meet those requirements. The Analyst will develop strong partnerships with internal business partners and external vendors to ensure customer, employee, and company information is protected at the appropriate level.

 

The successful candidate will also be required to review and assess legal contracts as it pertains to the service providers security posture. The candidate should be able to understand legal terms and definitions and articulate potential security concerns to the Legal teams. The individual will also play a significant role in enhancing and implementing procedures to assess and risk rate the third-party information security program.
 

Professional Skills & Responsibilities

 

  •  Perform information security due diligence on third party vendors to determine the effectiveness of their controls to protect the Company’s data, identify any discrepancies and escalate all issues to management.

  • Review completed SIG questionnaires based on vendor risk and evaluate responses received from security questionnaires that align with ISO and NIST standards

  • Assisting in the risk and compliance program’s design, process re-engineering or enhancements and tool and technology implementations as applicable

  • Working directly with key business leaders to facilitate risk analysis and risk management processes, identifying acceptable levels of risk and establish roles and responsibilities with regards to risk management for both service providers and internal solutions

  • Assist in reviewing contracts, security addendums, and data processing agreements and comment on potential concerns or issues

  • Work with Procurement and Legal during the initial review of third party service providers to ensure proper diligence is performed

  • Assist in the development of third party due diligence policies and standards which set the vendor requirements based on risk.

  • Review current risk data to determine exceptions, trends or other changes in risk relative to the firm’s risk appetite and escalate as deemed appropriate.

  • Maintain knowledge of the latest active security threats in order to understand current risks and articulate those risk to the business and vendor 

 

Qualifications:

 

  • 3+ years of experience in an IT Risk, Third Party Vendor Assessment or Information Security organization with an understanding of Audit, Security and Risk.

  • Working knowledge of core security concepts such as encryption, DLP, networking security, cloud security, and web security, SAML, Oauth, etc.

  • Strong knowledge of PCI, SOX 404, GDPR, and other regulations/standards

  • Prior experience providing and negotiating information security provisions within third-party agreements.

  • Prior experience conducting information security due diligence of third-party suppliers

  • Proven analytical problem-solving skills with a demonstrated ability to research problems and proactively suggest ways to better a process

  • Highly motivated with demonstrated experience managing multiple projects in a fast-paced, deadline-oriented work environment

Groupon provides a global marketplace where people can buy just about anything, anywhere, anytime. We’re enabling real-time commerce across an expanding range of categories including local businesses, travel destinations, consumer products, and live or lively events. At the same time, we are providing advertising options and tools that merchants can use to grow and manage their businesses. Culturally, we believe that great people make great companies and that starting with the customer and working backward moves us forward. Community matters to us on an internal, local and global scale—it’s fundamental to our company’s growth and to the well-being of the world at large. We also value self-awareness, candor, lunch and WiFi. If we match with you, please apply to join us.

Read Full Job Description
Apply now
loading ...
Emailed

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C#Languages
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RubyLanguages
    • FluxLibraries
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • Ember.jsFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • AccessDatabases
    • HiveDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • TeradataDatabases
    • IllustratorDesign
    • PhotoshopDesign
    • BasecampManagement
    • JIRAManagement
    • SalesforceCRM

Location

Our headquarters is nestled alongside the Chicago River in the bustling River North neighborhood, close to both blue and brown line CTA trains.

An Insider's view of Groupon

How would you describe the company’s work-life balance?

Groupon provides an environment where I can strive for maximum work-life effectiveness, room for growth, and there is always something new to do. I enjoy spending lots of time at work because I love what I do; the hours are not burdensome, Groupon fits me. I define success in my own terms & Groupon provides us with the flexibility to be successful.

Milan

Senior Manager of Operations

What kinds of technical challenges do you and your team face?

We are working on arriving at the optimal attribution models across different areas of our business. For example, the attribution of a purchase to a specific experience — a home page feature, an email, a push notification — likely has a different window of time where we can reasonably say a specific purchase is a result of a specific experience.

Kristi

Data Scientist

How has your career grown since starting at the company?

Here at Groupon, what you do matters. I got my start at Groupon as an intern and have had the opportunity in the past (almost) 5 years to build out a global volunteer program that has engaged over 5,000 employees in over 63,000 hours of service supporting the work of close to 650 nonprofit organizations.

Alicia

Program Manager, Employee & Community Engagement

What projects are you most excited about?

Recently, we committed to having 100% of our job descriptions reviewed for gender balance by the end of 2018. Also for 2018, work will continue with our Employee Resource Groups, who play a pivotal part in the attraction and selection of diverse top talent, and themselves can be developed and promoted into company leaders.

Carlos

Head of Diversity Recruitment

What are Groupon Perks + Benefits

Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Perks & Discounts
Casual Dress
Commuter Benefits
Game Room
Recreational Clubs

Additional Perks + Benefits

Fitness benefits. Free office shuttles. Paid parental and family leave. Comprehensive sales training program. Sense of joy. Onsite cafes. Unlimited Routine Time Off (RTO). Flexible spending accounts. Life & AD&D insurance. 401(k). Disability coverage.

More Jobs at Groupon63 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Project Mgmt
new
Chicago
HR
new
Chicago
Marketing
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Project Mgmt
new
Chicago
Data + Analytics
new
Chicago
Marketing
new
Chicago
Project Mgmt
new
Chicago
Product
new
Chicago
Data + Analytics
new
Chicago
Sales
new
Chicago
Operations
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Operations
new
Chicago
Operations
new
Chicago
Project Mgmt
new
Chicago
Data + Analytics
new
Chicago
Developer
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Operations
new
Chicago
Finance
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Data + Analytics
new
Chicago
Operations
new
Chicago