Senior Security Analyst - GRC TPRM

Description

SPS Commerce is a leading provider of cloud-based supply chain management solutions, serving a global network of retail trading partners. We foster a collaborative and inclusive work environment where innovation and continuous improvement are highly valued. Join SPS Commerce and be part of a dynamic team that’s transforming the global retail supply chain!    

Position Summary: 

 The Sr. Security Analyst serves as a member of the Security Governance, Risk, and Compliance team to maintain the confidentiality, integrity and availability of sensitive company information. Responsibilities include a diverse set of IT security subject areas such as: HIPAA and Sarbanes-Oxley (SOX) compliance, SOC 1& 2, ISO 27001k, risk management, incident response, business resiliency preparedness, PII data protection, and identity and access management. This role is expected to design and develop programs to improve security standards, processes, procedures and solutions and to transfer knowledge to other Security Team Member roles. 

Key Responsibilities:   

•  Perform the end to end cyber third-party risk management process including risk profiling, risk assessment, and risk monitoring/reporting  

• Work with business line owners to inventory third parties and manage associated risks  

• Drive process improvement within the third party / customer inquiry program  

• Manage the organization’s Trust Center platform  

• Manage responses to customer inquiries about SPS security practices and the completion of customer questionnaires  

• Work with business partners in legal, accounts payable, and procurement  

• Collaborate with others to understand processes, procedures, applications, and technologies  

• Drive application and technology compliance with corporate and regulatory policies/standards, and industry best practices  

• Design and develop programs to improve security standards, processes, procedures and solutions; transfer knowledge to other security team members  

• Participate in project work; perform security specific project tasks; lead large work streams  

• Position Reports to the Sr. Manager of Security; has no Direct Reports  

Location:   

Minneapolis, MN 

Required Qualifications:   

• Bachelor’s Degree plus at least 5 years of relevant experience; Master’s degree plus at least 2 years of relevant experience; or equivalent combination of education and experience 

• Experience with planning, cybersecurity third part risk managment 

• Experience working with GRC Tools 

• Experience working with vendors, auditors, assessors, customer relations. 

• Prior participation or responsibility for audits and assessments 

Preferred Qualifications:   

•  One or more industry certification - CISSP, CISM, CISA, CTPRP 

• Privacy operations experience  

• Retail experience; working with technology and software  

• Strong business acumen - network, system or application design, implementation or support  

• System administration with experience across multiple platforms and applications  

What We Offer:    

At SPS Commerce, we are committed to ensuring that each employee's compensation reflects their unique experiences, performance, and skills in their role. The salary range for this role considers several factors, including education, relevant skills, work history, certifications, location, and more.   

The annual salary range for this role is: $100,200- $135,000. The actual salary offered will be determined based on the factors listed above and may fall anywhere within the range.    

SPS Commerce offers a comprehensive package of benefits including health, dental, vision, disability and life insurance, paid time-off, 401(k), health and flexible spending accounts, stock purchase plan and more.