Bumble Inc. Bumble has changed the way people date, create meaningful relationships & network with women making the first move. Meet new people & download Bumble. At Bumble, the security of our customers is a top priority. As a GRC engineer, you should be mission-focused in assuring the controls which protect our users' data, our company’s infrastructure and our global operations.
At Bumble, we want to achieve the highest levels of security which means we need to have a strong program of controls assurance, governance of our processes and risk management which can be relied on to make good decisions. We want to tackle this problem with an engineering-led mindset and this role will build out the GRC frameworks, automation, and integration with the rest of the security and privacy portfolios. You should be tenacious with your curiosity both technically and organizationally about security risks, and work cross-functionally to resolve anything we don’t know.
This role is skilled at finding novel ways to collect, normalize, analyze and report on our security posture. We want to be a trusted source for risk management for internal stakeholders and executives with data-driven insights. We want to have evidence of our capabilities gathered efficiently, comprehensively and low-friction. This role should be a champion for automation in control design for frameworks such as SOX, ISO27001, PCI-DSS and NIST.
Key Accountabilities
Design and implement automation for partner trust, assurance, compliance, and regulatory activities Challenge and expand our thinking surrounding engineering and GRC Improve our reporting, metrics and assurance within GRC and with our stakeholders Promote and demonstrate the relevance and importance of security controls and how they provide business value Be the source of automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting Stay ahead of the calendar of our assessments and engage stakeholders in a frictionless, empathetic way Integrate GRC systems with cross-functional stakeholder systems to ensure accuracy and consistency Be the subject matter expert for control validation in the Security team Required Experience & Skills
Can develop scripts in various scripting languages (Python, Go, etc.) and peer review code / implementation / automation scripts Familiarity with RESTful APIs Experience with security data and BI tooling such as Bigquery, Snowflake, Looker, Tableau, etc. Knowledge of integrations with Slack, Jira Strong and demonstrable practical experience in visualizing security control information, including dashboards, integrations or projects in the risk domain About You
Your values align strongly with the Bumble Inc. values: Growth, Kindness, Equity, Accountability, and Honesty You have demonstrated knowledge of large data handling and systems integration You have knowledge of various regulations and controls (SOX, PCI, GDPR, ISO27001, NIST etc) You are excited about developing and growing our GRC Engineering capabilities You have a passion for risk management, information security, metrics, efficient security operations, and effective control designs. Visualizing GRC data for people to consume and use effectively is something you are good at doing. Excellent analytical, problem-solving and interpersonal skills Readiness to expand technical skill set, both through self-study and formal training
#J-18808-Ljbffr
Design and implement automation for partner trust, assurance, compliance, and regulatory activities Challenge and expand our thinking surrounding engineering and GRC Improve our reporting, metrics and assurance within GRC and with our stakeholders Promote and demonstrate the relevance and importance of security controls and how they provide business value Be the source of automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting Stay ahead of the calendar of our assessments and engage stakeholders in a frictionless, empathetic way Integrate GRC systems with cross-functional stakeholder systems to ensure accuracy and consistency Be the subject matter expert for control validation in the Security team Required Experience & Skills
Can develop scripts in various scripting languages (Python, Go, etc.) and peer review code / implementation / automation scripts Familiarity with RESTful APIs Experience with security data and BI tooling such as Bigquery, Snowflake, Looker, Tableau, etc. Knowledge of integrations with Slack, Jira Strong and demonstrable practical experience in visualizing security control information, including dashboards, integrations or projects in the risk domain About You
Your values align strongly with the Bumble Inc. values: Growth, Kindness, Equity, Accountability, and Honesty You have demonstrated knowledge of large data handling and systems integration You have knowledge of various regulations and controls (SOX, PCI, GDPR, ISO27001, NIST etc) You are excited about developing and growing our GRC Engineering capabilities You have a passion for risk management, information security, metrics, efficient security operations, and effective control designs. Visualizing GRC data for people to consume and use effectively is something you are good at doing. Excellent analytical, problem-solving and interpersonal skills Readiness to expand technical skill set, both through self-study and formal training
#J-18808-Ljbffr
