Senior GRC Analyst
ezCater is the world’s largest online marketplace for catering – a $60+ billion market in the U.S. We make it superbly easy for businesspeople to find and order great food for meetings and events, and we help our catering partners grow their business. We’re backed by $320 million in venture funding and valued at over $1 billion. Our mission is to power the world’s catering, and we’ll make it happen – even more surely if you come help us.
ezCater values technology as a differentiator and a key component of our success. It powers everything we do. We push ourselves every day to better the codebase, improve performance, and deliver an amazing customer experience. Check out this CBS Boston article for a glimpse into our culture.
We’re looking for a top-notch, hands-on Governance, Risk and Compliance (GRC) Analyst to join our Security team and help us elevate our compliance game when it comes to designing, building and operating high-performance and highly-available systems.
At ezCater, the GRC Analyst will work with the various functions to evaluate the design and effectiveness of the control environment. This will include both operational and technical controls and developing trending for remediation efforts and overall compliance with operational standards. The individual will participate in the building of compliance programs including detailed exception reporting. This person will participate in pre-implementation reviews of new systems to ensure that there are proper controls over the development phase to meet compliance and best practice standards.
In this mission-critical role, what you'll do:
- Support the ezCater security governance, risk and control framework
- Maintain awareness of external regulations for new or changed requirements within ezCater (GDPR, PCI, ISO27001, etc.)
- Respond to security incidents as required
- Assist with the coordination of internal and external auditors as needed
- Monitor internal compliance against information security governance framework by conducting testing and internal control reviews and risk assessments
- Assist in identifying and communicating control gaps and evaluating management remediation action plans and related reporting
- Information Security Technology Background
- Knowledge of GDPR, PCI, Sarbanes Oxley and similar
- Understanding of common security technologies
- Knowledge of Security Governance, Risk & Compliance and Security Audit practices
- Ability to communicate effectively across functional areas
- Ability to work in a highly fast paced, ever changing rocket ship
This role might be that rare opportunity if you:
- Thrive in a highly collaborative, no red-tape, rapid-growth environment
- Love eliminating repetitive manual tasks through automation
- Have a healthy appreciation of what it means to work in a fast paced production environment
- Have experience with substantial, distributed SaaS or eCommerce systems
What you’ll get from us:
Importantly, you’ll get a tremendous amount of authority and autonomy. You’ll own your outcomes and see measurable results for your efforts. With ezCater’s unmatched transparency and trust, you’ll have open access to the data that drives our decisions. ezUniversity sessions will provide plenty of opportunities to expand your mind.
At the same time, you’ll get sane working hours and a huge amount of flexibility around work/life balance. Have people in your life – of any age – who always, often, or sometimes need your help? We make room for that. Have a bad thing or a good thing happen to you? We make room for that, too.
Oh, and here’s what else you’ll get: Market salary, stock options you’ll help make worth a lot, the usual holidays, all-you-can-eat vacation, 401K, health/dental/FSA, long-term disability insurance, subsidized T-passes, a great office in the heart of Boston, a tremendous amount of responsibility and autonomy, wicked awesome co-workers, cupcakes (and many more goodies), and knowing that you helped get this rocket ship to the moon.
ezCater is an equal opportunity employer. We embrace humans of every background, appearance, race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, and disability status. At the same time, we do not employ jerks, even brilliant ones.