Who We Are:
Socure is redefining identity verification with groundbreaking technology, supporting myriad organizations with the most accurate authentication tools in the industry.
What we build helps businesses scale faster, stop fraud, and ultimately allows millions of people who are excluded from the digital economy (due to outdated fraud detection models) to take part in it like everyone else.
Our culture is about innovation, winning, and customer obsession. We are full of top performers that prioritize excellence and results, as well as support for one another, on the path to achieving our mission: to verify 100% of good identities in real time and completely eliminate identity fraud for every applicant on the internet.
To learn more about working at Socure visit our career page here: https://www.socure.com/company/careers
What The Role Is
The GRC Operations Officer oversees the company’s information systems and staff, ensuring established policies and procedures are followed according to internal and external requirements and good practices. These tasks are part of maintaining the culture of GRC across all levels of business and technical operations. The role requires skills touching upon project management, IT risk assessment, and general industry standards and practices around data security and privacy.
What You’ll Do
- Assist with creating, reviewing, modifying, and maintaining existing practices and policies to reflect the company’s operations and values within specific industry-standard frameworks (i.e. ISO, NIST, et al).
- Work with internal groups (Product, Engineering, Infrastructure, People Operations, etc.) to meet and achieve current and future GRC-related goals and requirements
- Review current internal information security controls and ensure adherence with company standards.
- Lead information security initiatives individually and as part of a larger ISMS group to keep pace with a high-performance fast-growing data-driven company
- Document, assess, and map known and unknown areas of applicable risk, then present remediative steps remove the risk, as appropriate
- Supporting staff with technical GRC-related questions and topics
What You’ll Bring
- 2-5 years IT Security, IT risk, IT auditing, and/or IT Compliance experience within a technology company, accounting firm, or others.
- Bachelor’s degree or equivalent work experience working in compliance/GRC team.
- Exceptional organisational skills and attention to details.
- Knowledge of applicable domestic and internationally recognized information security management, governance, and compliance principles, practices, laws, rules and regulations;
- Information systems auditing, monitoring, controlling, and assessment process.
Beneficial Skills and Experience:
- Experience with AICPA (SSAE16/SOC reporting), ISO (27001 and associated certifications), NIST, and HITRUST frameworks, among others
- Basic security engineering skills
- Familiarity with cloud technologies
Perks & Benefits:
- Competitive base salary
- Equity – every employee is a stakeholder in our enormous upside
- A tech-first company culture driven by entrepreneurial thinking and talent
- A great team working in unison towards the same mission
- Transparency is what our product is built on—and so is our culture
- Generous health insurance benefits for employees and their dependents
- Parental leave.
- Flexible work schedule and work-from-home options
- Flexible PTO