GRC Analyst

Cimpress is the world leader in mass customization. You’ve probably heard of our brands, including Vistaprint, WIRmachenDRUCK, Pixartprinting, and others. Our businesses can choose the solutions that work for them or assemble any custom combination they need. It makes it easier and faster to introduce new products, reach customers, and track orders. And this kind of innovation keeps customers coming back. Just last year, Cimpress generated $2.88B in revenue through customized print products, signage, apparel, packaging, and more. We encourage our engineers to think like an owner – to continue to act small as we grow. Every team defines its roadmaps and uses the programming languages and technologies that suit them best. This helps us have a significant impact at the enterprise level while still feeling small and nimble. The Cimpress Security Team is a diverse team of technologists motivated to enable and empower our teams to move fast but securely. Our mission is to protect and secure Cimpress’ Business across the globe.

We are looking for an individual who is willing to innovate, build, and support governance, risk and compliance efforts in a modern tech environment. You will be responsible of supporting day-to-day service execution of Cimpress Security Services and serve as a consultant to multiple teams within Cimpress businesses.  Responsibilities will include the administration and optimization of the security compliance program, security awareness training program, and vendor security due diligence tasks. In addition, you will assist with supporting internal and external assessments as well as contribute to improving the security posture of Cimpress businesses. This role serves as a subject matter expert on IT security topics and assists other team members where possible.

Responsibilities

·       Supporting Cimpress Security services: security awareness training, phishing campaigns, vendor security due diligence, risk assessments, auditing and other security projects

·       Participating in the creation, management and revision of policies, procedures to support security governance efforts

·       Maintaining up-to-date knowledge of the IT Security industry including relevant security and privacy laws and regulations, emerging security threats, new security solutions, and improved security processes and applying that knowledge within the organization

·       Supporting internal customers’ requests for support and services

Qualifications

• Bachelor’s degree, preferably with an emphasis on Information Security or Information Technology, from a four-year college or university, or equivalent experience
• 1-3 years working in an IT, IT security, audit or compliance capacity, or equivalent combination of education and experience
• Able to apply high level critical thinking skills to understand and solve complex problems
• Strong time management and organizational skills
• Excellent presentation and facilitation skills
• Technical writing
• Ability to display excellent customer service to meet the needs and expectations of both internal and external customers

Bonus Skills/Knowledge/Experience

• Security certification such as CISA, CISM, CRISC, SANS GIAC, or CISSP preferred
• Experience contributing to the development and review of information security controls strongly preferred
• Knowledge of PCI, GDPR, CCPA, SOC Audits, PII, SOX audits strongly preferred
• Knowledge of domestic and international privacy laws strongly preferred
• Experience in using GRC tools preferred

We're Remote-First :

In 2020, Vista adopted a Remote-First operating model and culture. We heard from our team members that having the freedom, autonomy and trust in each other to work from home and, the ability to operate when they are most productive, empowers them to be their best. Vista also provides collaboration spaces for team members to work physically together when it's safe to do so and when in-person collaboration will deliver the best results. Currently we are enabled to hire remote team members in over 30 US States as well as several countries in Europe, including Spain, Germany, UK, Czech Republic, the Netherlands and Switzerland

Equal Opportunity Employer:

Vista, a Cimpress company, is an Equal Employment Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, sex, national or ethnic origin, nationality, age, religion, citizenship, disability, medical condition, sexual orientation, gender identity, gender presentation, legal or preferred name, marital status, pregnancy, family structure, veteran status or any other basis protected by human rights laws or regulations. This list is not exhaustive and, in fact, in many cases, we strive to do more than the law requires.