Security Governance Analyst II

| Greater Boston Area

Security Governance Analyst II

Location: Boston, MA

Team: Information Security

 

Role Overview:

This role is for someone who is looking to develop their information security knowledge by contributing to Security Trust & Governance operations. An information security and/or information technology background would set you up for success in this position. Your ability to successfully carry out cross-functional work will require strong communication skills, patience, and a solution-oriented attitude.

 

You’ll join us in our brand new North Station HQ and work with an energized team that cares deeply about the success of these initiatives, and leadership that values work-life balance, an inclusive culture, and your ongoing career development.

 

Day In The Life:

The Sales team wants to purchase a new enablement solution, and you’re responsible for conducting a security assessment of the tool they’ve selected. You start the day by meeting with a Sales manager to discuss how the tool would be used, what data it would process, and what integrations would be required. This context is critical to understanding how the tool might introduce risk to Rapid7. Later today, you’ll review the documentation provided by the vendor to determine whether they have adequate security controls in place based on the scope of our potential engagement.

 

You check your ticket queue and see that you’ve received some security and privacy questions from a customer. You’re able to answer most of them by referring to Rapid7’s policies, and you send the remaining questions over to a team member in Product Security, ensuring they have enough context to address them thoroughly. 

 

After lunch, you spend a couple of hours on a project you’ve been chipping away at -- automating a process to pull some SOC 2 audit evidence in order to speed up the process for a control owner in IT.

 

Before you head out for the day, you check in to see if application owners have completed their quarterly access reviews. You notice that one of the application owners stopped in the middle of his review, so you send him a Slack message to see if he’ll be able to finish his review this week to keep the process on track. He mentions he paused after getting confused about something he saw in the access re-certification tool. You walk over his desk and sort out his question with him so he can complete his review.

 

Responsibilities:

  • Assist in third party risk management efforts by performing security assessments of potential Rapid7 partners/vendors. This requires considering elements such as the architecture of computer information systems, the sensitivity of data that will be processed, the vendor’s overall security program maturity, and any aspect of the engagement that could introduce risk to Rapid7.

  • Address questions about Rapid7’s internal security program from customers, prospects, and auditors. This will often require working with other members of the Information Security team, and with other Rapid7 teams, including Engineering, Product Management, Content Strategy, and Legal.

  • Assist senior members of the security team with tasks related to:

    • Aiding in security awareness and culture initiatives throughout the company

    • Compliance and privacy program maintenance

    • Workflow improvements

    • Identity and access management maintenance

Requirements

  • 2+ years of experience in information security, information technology, data privacy, or an adjacent field.

  • Strong project management abilities, including ability to coordinate initiatives across technical and non-technical teams/stakeholders and managing distributed teams and projects.

  • Ability to work effectively with both technical and business executives.

  • Strong communication and organizational abilities.

Preferred Qualifications

  • Experience in information security and/or information technology.

  • Understanding of certification and accreditation/auditing activities, and security control frameworks.


Read Full Job Description
Apply now

Location

Rapid7 is conveniently located between the North End and West End of Boston, with plenty of restaurants, bars and public transport close by.

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Open office floor plan
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Game Room
Our game room includes Ping Pong.
Stocked Kitchen
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Promote from within
Time allotted for learning
Online course subscriptions available
Paid industry certifications
More Jobs at Rapid742 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR
Legal
Marketing
Operations
Project Mgmt
Sales
Finance
new
Boston
Data + Analytics
new
Boston
Sales
new
Boston
Operations
new
Boston
Project Mgmt
new
Boston
Sales
new
Boston
Operations
new
Boston
Sales
new
Boston
Developer
new
Boston
Operations
new
Boston
Operations
new
Boston
Project Mgmt
new
Boston
Operations
new
Boston
Project Mgmt
new
Boston
Developer
new
Boston
Operations
new
Boston
HR
new
Boston
Sales
new
Boston
Data + Analytics
new
Boston
Data + Analytics
new
Boston