Security Analyst

Company: Recharge
Location: Remote
Posted on: 2023-04-20 22:17

Who we are

Recharge is the leader in powering physical subscriptions, making it one of the most important ecommerce engines. Recharge powers over 50M subscriptions worldwide and has processed more than 10B in transactions. More than 15K brands such as Verve Coffee Roasters, Bokksu, Who Gives A Crap, Billie, and Bite Toothpaste Bits rely on Recharge daily to grow their businesses and delight their customers.

Recharge’s mission is to enable brands and merchants to form strong, lasting relationships with their customers through recurring purchases. As merchants seek ways to drive more direct sales and distribution through their channels and move away from a reliance on traditional online marketing strategies, Recharge has made it possible to grow businesses with seamless, recurring customer transactions.

Bootstrapped until 2020, Recharge is valued at over 2.1B dollars and is a double unicorn with a total raise of 277M dollars. Join us as we work with our merchants to define the future of ecommerce.

Overview

The Security Team at Recharge is responsible for providing best practice guidance regarding the security of all of our products, data and systems. We are looking for team members who love to collaborate with other team members around the business. In this role, you will monitor, evaluate and maintain Information Security systems and procedures to ensure the security of Recharge.

What you’ll do

- Provide quality assurance of all IT General Controls through assessment, walkthroughs and audits to ensure operational effectiveness of those controls.
- Monitor the control environment and ensure that controls are operational and in-line with established policies and procedures.
- Identify risks and gaps and facilitate remediation to address observations raised in internal and external audits.
- Collaborate with external auditors to provide required evidence after ensuring the quality of the information obtained.
- Manage and track findings from identification to closure.
- Ability to evaluate and review a plan of action and determine if the proposed plan meets control requirements.
- Provide awareness training to control owners.
- Design, implement, maintain and improve programs to address key company risks and prepare internal teams for assessments against a variety of regulatory and compliance frameworks (PCI, SOC2, SOX, ISO27001, etc).
- Conduct and coordinate third party risk assessments and collaborate with stakeholders to identify critical risks to the organization.
- Help develop and maintain security policies, procedures and guidelines and ensure cross functional teams are trained.
- Manage and monitor security tools and technologies such as penetration testing, vulnerability scanning and reporting.
- Assist with other compliance and security priorities as needed.

What you’ll bring

Skills:

- Basic working knowledge of information security concepts
- Self-starter and flexible team player able to effectively manage independent workloads asynchronously with stakeholders across multiple time zones
- Project Management capabilities
- Ability to effectively communicate and educate others on the need and value-add of security and compliance efforts

Education and experience:

- Four-year degree or relevant professional certifications (CISA, CISSP, GSEC, etc) preferred, but will also consider candidates with relevant experience
- 2+ years experience as a security/compliance analyst
- A general understanding of compliance frameworks such as ISO, NIST, OWASP, SANS Top 20, PCI-DSS, GDPR, SOX and SOC2

Recharge Payments is an equal opportunity employer. In addition to EEO being the law, it is a policy that is fully consistent with our principles.
All qualified applicants will receive consideration for employment without regard to status as a protected veteran or a qualified individual with a disability, or other protected status such as race, religion, color, national origin, sex, sexual orientation, gender identity, genetic information, pregnancy or age. Recharge Payments prohibits any form of workplace harassment.

Transparency in Coverage

This link leads to the Anthem Blue Cross machine-readable files that are made available in response to the federal Transparency in Coverage Rule and includes network negotiated rates for all items and services; allowed amounts for OON items, services and prescription drugs; and negotiated rates and historical prices for network prescription drugs (delayed). EIN 80-6245138. This link leads to the Kaiser machine-readable files.