What language do you want to use Torre in?
As a Governance, Risk, and Compliance (GRC) analyst at Cloudbeds, you will assist our growing Security team to further develop and manage our Governance, Risk, and Compliance program. We’re looking for a self-driven, motivated person who understands the intricacies of Software as a Service (SaaS) companies as well as the risks, regulations, frameworks, and business practices that come along with being a SaaS provider. You will use this knowledge to help Cloudbeds continue developing and implementing an effective, compliant, secure, and business-driven GRC program. You will serve as a partner to our business and technical teams, helping identify, manage, communicate, and mitigate risks. You will develop appropriate and necessary policies, processes and controls to ensure Cloudbeds meets all applicable security and compliance related requirements and help execute/manage third party certification processes (such as PCI, GDPR, SOC 2, etc.) across our company. You will also be responsible for supporting any internal or external audits, performing vendor due diligence, responding to security assessments, and performing audits and risk management of key Cloudbeds third parties. As a GRC Analyst at Cloudbeds, you will play an important role in our delivery of an exceptional experience to our customers all around the world with governance, risk, compliance, and security at top of mind.
• Work directly with our security, IT, product, and engineering teams to continue building and growing a Governance, Risk, and Compliance practice at Cloudbeds • Provide subject matter expertise, understanding Cloudbeds’ unique SaaS business model and creating necessary policies, procedures, and controls • Assist with the implementation, upkeep, maintenance and support of a Governance, Risk, and Compliance program and tooling/software to track, manage, and report on GRC to key stakeholders and executives • Serve as an internal IT auditor to Cloudbeds, understanding our controls and ensuring they are operating effectively. • Serve as a point person for any internal or external audits, customer assessments, etc. • Assist in performing vendor due diligence, security assessments, etc. • Assist in building a third party risk management program • Maintain an understanding of the latest risk and compliance landscape, and implement new controls, best practices, etc. to mitigate any concerns • Act as a first-responder for security-related incidents.
• Strong experience with designing, developing, implementing and/or customizing Governance, Risk, and Compliance programs, especially at SaaS companies • Strong knowledge of and experience with related Governance, Risk, and Compliance frameworks (PCI, GDPR, CCPA, SOC, ISO27001, NIST CSF, NIST 800-53 etc.) • Experience working within a Software as a Service (SaaS) company • Experience developing information security and compliance related policies, procedures, and controls • Experience with Governance, Risk, and Compliance related tools (such as RSA Archer, MetricStream, LogicGate, ZenGRC, Eramba, etc.) • Exceptional written and verbal communication in English. • Ability to work remotely and manage your own time in a global team. Nice to Haves: • Applicable Governance, Risk, and Compliance and/or Information Security related certifications (CRISC, CISA, CISM, CISSP, Security+, etc). • Experience with and relevant knowledge of Cloud technologies (Amazon Web Services [AWS] preferred) • Relevant knowledge of network engineering, systems engineering, and software development practices
• Bachelor’s degree in a relevant field. • 2+ years experience as an GRC Analyst • 5+ years experience in information security, risk, and/or compliance
• Cloudbeds is the fastest growing hospitality management suite in the world, providing tools to manage independent properties of any type and size. We make award-winning cloud-based hospitality software that’s trusted by more than 20,000 hotels, hostels, inns, and alternative accommodations in over 157 countries. Our 400+ team members are distributed across over 40 countries and altogether we speak 40+ languages. How do we do it? On a #remotefirst platform that allows every member of our team to work from wherever they are around the globe.
• Our company culture supports flexible working schedules with an open PTO policy and the opportunity to travel and work remotely with great people. To make it easy for our team to travel we offer 2 corporate apartment accommodations near our San Diego and Sao Paulo offices. At Cloudbeds we dedicated to your personal and professional development. You will have access to over 10,000 courses within LinkedIn Learning when you join our team for your unique individual growth! If you think you have the skills and passion, we’ll give you the support and opportunity to thrive in your career. If you would like to be considered for the role, we would love to hear from you!
Company Awards to Check Out! • Inc. Best Places to Work (2017 & 2018) • Inc. 500 Fastest Growing Companies (2018 & 2019) • Connect MIP Award (Technology) • Best Places to Work | Inc Magazine (2017 & 2018) • Best Places to Work | HotelTechReport (2018, 2019, 2020) • Start-Ups to Watch in 2018 | Forbes • Best Startup Employers in 2020 | Forbes • Primary location: Austin, TX
What are signals?
Signals are a way of compiling a list of people you’ll consider working with. Others can signal you as well.
By signaling a person or organization you notify them that you’ll consider working with them. Thus:
55% of jobs are filled via referrals 1 . With Signals, Torre makes it easy for you.