G2 Information Security Analyst - Privacy in Topeka, Kansas
About G2 - Our People
G2 was founded to create a place where people will love to work. We strive to create meaning in work and provide more than just a job: a true calling. At the heart of our community and culture are our people. Our global G2 team comes from a wide range of backgrounds and experiences, and that’s what makes our G2 community strong and vibrant. We want everyone to bring their authentic selves to work, and we do this through our company and team events, our G2 Gives charitable initiatives, and our Employee Resource Groups (ERGs).
Our employee-led, leadership-supported ERGs celebrate the diversity of our team, foster inclusivity and belonging, and create a space to connect to each other. Through connections and understanding, we build a stronger and more dynamic global team and help every person reach their personal peak.
We support our employees by offering generous benefits, such as flexible work, ample parental leave, and unlimited PTO. Click here (http://culture.g2.com/benefits) to learn more about our benefits.
Due to Covid, G2 is currently operating fully remote until it is safe to return to the office.
About G2 - The Company
When you join G2 (http://www.g2.com/) , you join the global team behind the largest and most trusted software marketplace. Every month, 5.5 million people come to G2 to inform smarter software decisions based on honest peer reviews. Authenticity is our focus, and every day we help thousands of companies, and hundreds of employees, propel their potential. Ready for meaningful work that starts and ends with compassion and heart? You’ve come to the right place.
G2 is going through exciting growth! We’ve recently secured our Series D funding of $157 million, which will further allow us to grow and develop our product and people. Read about it here (https://culture.g2.com/news/g2-series-d-announcement) !
About The Role
G2 is looking for an organized, and dependable person who is passionate about information security and privacy. The ideal candidate is excited about joining a fast paced, industry leading company to support compliance. We are looking for a self-motivated professional who will help build out G2’s information security and privacy initiatives!
Respond to security, compliance, and privacy assessments, questionnaires and audits from clients and third-party business partners in a timely manner.
Support technical documentation of policies, standards and communications.
Help build and maintain data mapping inventory, handling of data requests on privacy matters, and data protection impact assessments.
Manage and support the Third Party Security Vendor Risk Management (TPRM) program and lifecycle.
Review and identify gaps in processes to assure that G2 products and services meet the organization's information security, compliance and privacy requirements.
Support onsite and virtual audits on behalf of G2, acting as liaison to auditors.
Collaborate with Legal, Engineering, Sales, Product and Business Stakeholders in the management of compliance and privacy treatment/acceptance plans for related privacy issues and work within the information security governance process to define control recommendations that are both efficient and effective.
Participate and contribute to information security, compliance, and privacy working groups and team meetings.
Consolidate and manage monthly dashboards and reporting of service deliverables on behalf of the Privacy team and communicate to management.
Serve as a subject matter expert for Compliance and Privacy consulting to technical / non-technical management and staff.
Understand and support the GRC technology platforms.
We realize applying for jobs can feel daunting at times. Even if you don’t check all the boxes in the job description, we encourage you to apply anyway.
1-3+ years of experience working in IT Security, Risk, Compliance, and/or Privacy
Knowledge on Security frameworks and audits such as CIS, NIST, ISO 27001, SOC2 and/or compliance and regulatory requirements such as PCI-DSS, GDPR, CCPA, etc.
Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred.
Proven experience managing timelines and being self-directed preferred.
Customer focus, including tact and diplomacy is required.
Strong project and time management skills required
Ability to communicates succinctly and effectively
Strong analytical ability with excellent written and verbal communication skills required
Great interpersonal skills; strong written and verbal communication skills
Ability to think on your feet, multi-task, prioritize, and work under pressure
What Can Help Your Application Stand Out:
Technical certifications, e.g. CISSP, CIPP, CIPM, CIPT, CISM, CISA, etc are a plus
Familiarity with GRC tools such as OneTrust, DataGrail, AuditBoard, SecurityScorecard, Whisitc, etc.
Experience in other technical or non technical areas (systems, networking, programming, product management, fraud, etc)
Our Commitment to Inclusivity and Diversity
At G2, we are committed to creating an inclusive and diverse environment where people of every background can thrive and feel welcome. We consider applicants without regard to race, color, creed, religion, national origin, genetic information, gender identity or expression, sexual orientation, pregnancy, age, or marital, veteran, or physical or mental disability status. Learn more about our commitments here (https://culture.g2.com/commitments) .