Governance, Risk, and Compliance (GRC) Analyst
LivePerson is a transformational force in how brands and consumers communicate. With over 18,000 brands, including HSBC, Disney, Verizon, and Home Depot, we are on a mission to make life easier for people and brands everywhere through trusted Conversational AI. We believe in a future where conversations are the norm for getting your intentions fulfilled - whatever they are.
We are an innovative, intent-driven company that believes in building the future and we are looking for growth minded, unconventional thinkers, developers and builders to join the team.
You will thrive here if:
You can operate in a fast paced, dynamic environment
You can build partnerships that move our business forward
You build code that is simple, understandable, and clean
You see feedback or failure as motivation to learn and to grow
You believe data-driven decision making is the norm
You relate to our core principles (link) and want to work with Conversational AI experts
A Governance, Risk, and Compliance (GRC) Analyst at LivePerson is responsible for the assessing, documenting and communicating LivePerson’s compliance and risk posture as they relate to its information assets.
The purpose of this position is to provide skilled information security and compliance expertise for development, support and implementation of the information security risk management program, with a focus on managing outside audits and assessments from customers.
Responsibilities require project management experience, as well as expertise to ensure effective system-wide security analysis; compliance; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.
Our GRC Analysts report to the Head of Global GRC and are a part of LivePerson’s highly talented and Global Information Security team.
In this role :
Duties and Responsibilities:
Leadership
- Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of LivePerson as a valued business partner to its customers.
- Operate with a high degree of independence with regard to project management activities, including development of project plans, customer meetings and audit sessions.
Compliance
- Work with the GRC team on the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
- Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, HITRUST, SOC, NIST 800-171 and other compliance standards.
Audit
- Work with Internal Audit, our Audit Partners, Customers, Assessors and outside consultants as appropriate on required security assessments and audits
- Coordinate and track all information technology and security related audits including scope of audits, Questionnaire timelines, auditing agencies and outcomes.
- Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the LivePerson in its best light.
- Provide guidance, evaluation and advocacy on audit responses.
Risk
- Work with the team to develop and implement the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
- Internally assess, evaluate and make recommendations to management regarding the adequacy of security controls for LivePerson’s information and technology systems.
Communications:
- At LivePerson, all Security Team members are expected to Interact in both oral and written communications with all levels of both LivePerson and Customer Teams in matters related to information security and security awareness materials.
Problem-Solving Skills
- Must be able to assess computer hardware, software, systems and processes for security risks or violations and work with Liveperson’s Teams, Technology Vendors and other Stakeholders to recommend solutions.
- Must be able to assess the status of complex multi-location projects as well as identify and implement appropriate corrective measures to resolve issues as they arise.
- Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations.
The qualifications are:
- IT skills with high level of information security experience and expertise
- Knowledge of information security risk management frameworks and compliance practices.
- Experience managing audits and outside auditors
- Knowledge of securing network technologies, client, and server operating systems.
- Experience responding to, analyzing, and communicating information security incidents
- Experience with planning and managing security projects
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience
- Understanding of common security standards and regulations (e.g., SOC, PCI DSS, ISO2700x, etc.)
Preferred Qualifications
While a degree in Information Technology, Computer Science or related field is highly desirable, we also look to candidates with experience in Information Systems Design, Management or other proficiencies related to Security. Advanced security qualifications such as CISSP, GIAC or Privacy Certifications like CDPSE or CIPM are always welcomed, but don’t let not having them stop you from applying.
As well as a well-formed opinion and a bias for action, LivePerson GRC Analysts include the following qualities:
- Experience in information security experience and/or IT risk management with a focus on security, performance and reliability
- Good working knowledge of current IT risks and experience implementing security solutions
- Experience performing information security audits or risk assessments
- Familiarity with security auditing processes
- Familiarity with dashboard creation
LI#-PS
Why you’ll love working here:
LivePerson was named to FastCompany’s World’s most innovative companies of 2020 list for the Artificial Intelligence category. We offer top tier tech & data science colleagues, along with opportunities to push your own limits. We embrace invention and experimentation. You’ll have great benefits, flexible time off, plus snacks and drinks to keep your mind fresh and stomach full. Most importantly, you’ll have an ability to make an impact at work and at brands across the globe as we build the future with trusted Conversational AI together.
At LivePerson, people from diverse backgrounds come together to do their best work and be their authentic selves. We are proud to be an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.