Oh Snap!
This job is no longer active - but you can still view the details below.

Security Governance Analyst

| Cambridge

Meet CarGurus—the #1 visited online car shopping website in the US. At CarGurus, we’re building the world’s most trusted and transparent automotive marketplace where it’s easy to find great deals from top-rated dealers.

 Founded in 2006 by Langley Steinert (co-founder of TripAdvisor), CarGurus is a technology company with a passion for data and its power to simplify every aspect of the car shopping experience. Using proprietary technology, search algorithms and innovative data analytics, we provide unbiased validation on pricing, dealer reputation and vehicle history.

The Security Governance Analyst is charged with assisting the organization with the identification, assessment, measurement, monitoring and management of risk. The Analyst will focus primarily on the maintenance of an effective Enterprise Governance Risk and Compliance (GRC) program and facilitate the identification of risks, ensuring proper mechanisms are in place to manage the identified risks. The ideal candidate will be up to the challenge of developing security policies and standards, risk frameworks, and processes in an innovative and flexible way to support fast-paced and empowered environments.

This role will work closely with Information Security leadership to implement the procedures and controls necessary to ensure and protect the safety and security of information systems, assets, and customer data. A well-qualified candidate will be comfortable working with executive and technical leadership to embed a risk and security focused mindset in all areas.

This role covers security, privacy, financial and other enterprise-wide operational risks for the following activities: risk assessment and treatment, monitoring, management, and mitigation; policy, standards, and control design and implementation; risk management (including third party risk); training and awareness; and, business continuity planning and disaster recovery programs.

The candidate must have strong written and verbal communication skills, strong organization skills and a good understanding of cyber security principles and concepts. 

What You'll Do: 

  • Develop a risk framework and processes that allow for effective risk monitoring, management and mitigation, while still facilitating innovative, fast-moving, empowered cultures.
  • Perform risk assessment and risk management activities across the company.
  • Manage vendor relationships (from a risk and security perspective).
  • Lead risk-focused culture and process change through training and interaction with key leaders.
  • Work closely with leaders in IT and Operations functional areas to ensure security standards, policies, and procedures are deeply embedded and understood.
  • Be part of a team that promotes risk and security awareness and training programs.
  • Develop and implement a risk reporting framework for management teams and governance committees.
  • Willingness to learn and stay current with industry trends relating to cyber security, privacy and risk.

Who You Are: 

  • Ability to determine risk based on context
  • Ability to clearly articulate issues and communicate in an effective and personable manner
  • Ability to adjust quickly to the security needs of a highly agile organization
  • Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems or related curriculum.
  • Experience in risk management, information security, privacy or a data protection or assurance-related function.
  • Technical and Functional experience in domain of Governance, Enterprise Risk Management and Regulatory Compliance
  • Knowledge of the following frameworks/compliance regimes; ISO, NIST, PCI, SOX, and GDPR compliance
  • Proven understanding of risk assessment methodologies, frameworks, and procedures and the ability to work flexibly with them to meet organizational size, maturity, and culture considerations
  • Experience building network of relationships across functions and to liaise with senior management
  • Knowledge of risk assessment tools, technologies and methods
  • Ability to think strategically about security risks and tie those to tactical organizational activities
  • Open to learning and working on new domains and technology
  • Experience planning, researching and developing security policies, standards and procedures
  • Ability to manage all aspects of large-scale projects to bring about organizational change

At the core of our company culture is a spirit of innovation, curiosity and collaboration. True to our start-up roots, we’re nimble, flexible and hardworking. We have a great respect for testing and learning and a healthy aversion to scheduling meetings to discuss meetings. Lunch is catered daily. Gym membership is free. Foosball and ping pong are played often. Now a publicly-traded company, we’re as committed as ever to cultivating the culture that got us here.

In addition to the US, CarGurus operates sites in Canada, the UK and Germany with other markets on the horizon. Our offices are located in Cambridge, MA, Detroit, MI and Dublin, Ireland. If you’d like to learn more, please visit our careers page.

Read Full Job Description
Apply now
loading ...
Emailed

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • SqlLanguages
    • DockerLanguages
    • JenkinsLanguages
    • Elastic SearchLanguages
    • KafkaLanguages
    • HibernateLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • ReduxLibraries
    • Node.jsFrameworks
    • SpringFrameworks
    • MySQLDatabases
    • Google AnalyticsAnalytics
    • SQLAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • TrelloManagement
    • HubSpotCRM
    • SalesforceCRM
    • MarketoLead Gen

Location

2 Canal Park 4th Floor , Cambridge, MA 02141
CarGurus' tech teams solve tough problems — sometimes by questioning the problem itself
Watch

What are CarGurus Perks + Benefits

Culture
Volunteer in local community
CarGurus participates in local volunteer activities such as the The Boston Children's Hospital Corporate Cup Challenge, The Freedom Run 5k, etc.
Friends outside of work
Eat lunch together
Intracompany committees
CarGurus has committees that are re-elected annually and manage events and programs such as the Charitable Giving Committee and Community Council.
Open door policy
Team owned deliverables
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Wellness Programs
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
CarGurus offers company equity in the form of Restricted Stock Units.
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Return-to-work program post parental leave
Vacation & Time Off Benefits
Generous PTO
Sabbatical
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Game Room
Stocked Kitchen
Happy Hours
Parking
Recreational Clubs
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within

Additional Perks + Benefits

We provide a competitive benefits package including health, dental, and 401K match. We also offer 16 weeks paid primary caregiver leave and 2 weeks secondary caregiver leave. In addition, we also offer perks including gym memberships, commuter passes, daily catered lunches, company outings and more.

More Jobs at CarGurus83 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
HR
Internships
Marketing
Operations
Product
Sales
Finance
new
Cambridge
Sales
new
Cambridge
Design + UX
new
Cambridge
Developer
new
Cambridge
HR
new
Cambridge
Developer
new
Cambridge
Data + Analytics
new
Cambridge
Data + Analytics
new
Cambridge
Sales
new
Cambridge
Operations
new
Cambridge
Marketing
new
Cambridge
Developer
new
Cambridge
Internships
new
Cambridge
Sales
new
Cambridge
Data + Analytics
new
Cambridge
Data + Analytics
new
Cambridge
Design + UX
new
Cambridge
Internships
new
Cambridge
Developer
new
Cambridge
Product
new
Cambridge
Product
new
Cambridge
Developer
new
Cambridge
Developer
new
Cambridge
Developer
new
Cambridge
Finance
new
Cambridge
Data + Analytics
new
Cambridge
Data + Analytics
new
Cambridge
Developer
new
Cambridge
Finance
new
Cambridge
Internships
new
Cambridge
Developer
new
Cambridge
Finance
new
Cambridge
HR
new
Cambridge
Developer
new
Cambridge
Developer
new
Cambridge
Internships
new
Cambridge
Marketing
new
Cambridge
Marketing
new
Cambridge
Internships
new
Cambridge
Operations
new
Cambridge
Developer
new
Cambridge
Design + UX
new
Cambridge
Developer
new
Cambridge
Developer
new
Cambridge
Internships
new
Cambridge
Data + Analytics
new
Cambridge
Marketing
new
Cambridge
Sales
new
Cambridge
Internships
new
Cambridge
Internships
new
Cambridge
HR
new
Cambridge
Internships
new
Cambridge
Sales
new
Cambridge