Security Governance Analyst II

Hybrid
Sorry, this job was removed at 11:09 a.m. (EST) on Tuesday, April 7, 2020

Security Governance Analyst II

Location: Boston, MA

Team: Information Security

 

Role Overview:

This role is for someone who is looking to develop their information security knowledge by contributing to Security Trust & Governance operations. An information security and/or information technology background would set you up for success in this position. Your ability to successfully carry out cross-functional work will require strong communication skills, patience, and a solution-oriented attitude.

 

You’ll join us in our brand new North Station HQ and work with an energized team that cares deeply about the success of these initiatives, and leadership that values work-life balance, an inclusive culture, and your ongoing career development.

 

Day In The Life:

The Sales team wants to purchase a new enablement solution, and you’re responsible for conducting a security assessment of the tool they’ve selected. You start the day by meeting with a Sales manager to discuss how the tool would be used, what data it would process, and what integrations would be required. This context is critical to understanding how the tool might introduce risk to Rapid7. Later today, you’ll review the documentation provided by the vendor to determine whether they have adequate security controls in place based on the scope of our potential engagement.

 

You check your ticket queue and see that you’ve received some security and privacy questions from a customer. You’re able to answer most of them by referring to Rapid7’s policies, and you send the remaining questions over to a team member in Product Security, ensuring they have enough context to address them thoroughly. 

 

After lunch, you spend a couple of hours on a project you’ve been chipping away at -- automating a process to pull some SOC 2 audit evidence in order to speed up the process for a control owner in IT.

 

Before you head out for the day, you check in to see if application owners have completed their quarterly access reviews. You notice that one of the application owners stopped in the middle of his review, so you send him a Slack message to see if he’ll be able to finish his review this week to keep the process on track. He mentions he paused after getting confused about something he saw in the access re-certification tool. You walk over to his desk and sort out his question with him so he can complete his review.

 

Responsibilities:

  • Assist in third party risk management efforts by performing security assessments of potential Rapid7 partners/vendors. This requires considering elements such as the architecture of computer information systems, the sensitivity of data that will be processed, the vendor’s overall security program maturity, and any aspect of the engagement that could introduce risk to Rapid7.

  • Address questions about Rapid7’s internal security program from customers, prospects, and auditors. This will often require working with other members of the Information Security team, and with other Rapid7 teams, including Engineering, Product Management, Content Strategy, and Legal.

  • Assist senior members of the security team with tasks related to:

    • Aiding in security awareness and culture initiatives throughout the company

    • Compliance and privacy program maintenance

    • Workflow improvements

    • Identity and access management maintenance

Requirements

  • 2+ years of experience in information security, information technology, data privacy, or an adjacent field.

  • Strong project management abilities, including the ability to coordinate initiatives across technical and non-technical teams/stakeholders and to manage distributed teams and projects.

  • Ability to work effectively with both technical and business executives.

  • Strong communication and organizational abilities.

Preferred Qualifications

  • Experience in information security and/or information technology.

  • Understanding of certification and accreditation/auditing activities, and security control frameworks.



Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • Languages: Golang, Java, JavaScript, Python, R, Ruby, Scala, SQL
    • Libraries: jQuery, React, Redux
    • Frameworks: Django, Express, Flask, Hadoop, Node.js, Ruby on Rails, Spark, Spring, TensorFlow
    • Databases: Cassandra, MongoDB, MySQL, PostgreSQL, Redis
    • Analytics: Google Analytics, Optimizely
    • Design: Illustrator, InVision, Photoshop, Sketch
    • Management: Asana, Confluence, JIRA
    • CMS: WordPress
    • CRM: Salesforce

Location

Rapid7 is conveniently located between the North End and West End of Boston, with plenty of restaurants and public transport close by.

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

How has your career grown since starting at the company?

I've been on many teams in my time at Rapid7 and they have certainly “grown” from a size perspective, but more importantly, they all evolved with the changing times and needs. Some of the teams I was on were critical for our sales growth in an emerging market and though they no longer exist by name, I can see the tangible impact we made.

Sarah

Manager, Commercial Sales

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Employee resource groups
Employee-led culture committees
Hybrid work model
President's club
Employee awards
Flexible work schedule
Remote work program
Our remote work program includes full-time remote work for specific positions and working remotely on occasion as needed.
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represents the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning, and our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance of training around unconscious bias.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave Benefits
Generous parental leave
Family medical leave
Vacation & Time Off Benefits
Unlimited vacation policy
Generous PTO
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Bereavement leave benefits
Company-wide vacation
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Home-office stipend for remote employees
Meditation space
Mother's room
Onsite gym
Professional Development Benefits
Job training & conferences
Lunch and learns
Promote from within
Continuing education stipend
Variable.
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
