Job Description:

Grubhub Security is charged to deliver tailored solutions which provides a safe and trustworthy experience for our users; consistently and reliably protects the brand; ensures total compliance with applicable laws and regulations and; fosters a healthy security culture. We are committed to maintaining the highest standards of security and compliance in all aspects of our operations. As we continue to grow, we are seeking a dedicated and experienced Senior Cybersecurity Analyst to join our team and lead our efforts in security governance, risk, and compliance.Please read the information in this job post thoroughly to understand exactly what is expected of potential candidates.About the roleThe Senior Cybersecurity Analyst will be responsible for overseeing and managing our security governance, risk, and compliance initiatives. This role will play a crucial role in ensuring that our company adheres to industry best practices and regulatory requirements, particularly focusing on third-party risk management, security risk management, and achieving PCI-DSS 4.0 compliance. This role reports directly to the head of cybersecurity with direct line of sight to the executive leadership team.Core responsibilitiesDevelop and implement a comprehensive third-party risk management program, including vendor risk assessments, due diligence, and ongoing monitoring.Establish and maintain a security risk management program to identify, assess, and mitigate security risks across the organization.Lead efforts to achieve PCI-DSS 4.0 compliance, ensuring that all necessary controls and processes are in place and effectively implemented.Conduct regular audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement.Collaborate with internal teams to ensure alignment of security initiatives with business objectives and priorities.Stay abreast of emerging threats, vulnerabilities, and regulatory changes, and recommend appropriate measures to address them.Provide regular reports and updates to senior management on the status of security governance, risk, and compliance initiatives.Understand technical implementation at the architecture level and propose technical alternatives when necessary. Ask questions that clarify priorities and push the team to be highly effective. Develop broad domain and technical knowledge.QualificationsBachelor's degree in Computer Science, Information Security, or related field.5 - 7 of experience in cybersecurity, with a focus on security governance, risk, and compliance.Strong understanding of industry standards and frameworks, such as ISO 27001, NIST Cybersecurity Framework, and PCI-DSS.Experience developing and implementing third-party risk management programs.Proven track record of leading compliance efforts and achieving regulatory certifications (e.g., PCI-DSS, GDPR).Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.Strong organizational skills to juggle many tasks without losing sight of the highest priority items.Strong analytical and problem-solving abilities, with a keen attention to detail.Relevant certifications such as CISSP, CISM, CRISC, or PCI Professional (PCIP) are preferred.Knowledge of and experience with working in Agile environments + ceremonies and work management systems such as Jira.Our Perks:Flexible PTO. Grubhub employees enjoy a generous amount of time to recharge.Health and Wellness. Excellent medical, dental and vision benefits, 401k matching, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.Compensation. You'll receive a highly-competitive compensation package with eligibility for generous incentives, bonuses, commission, and RSUs.Free Meals. Our employees get a weekly Grubhub credit to enjoy and support local restaurants.Social Impact. We believe in giving back through programs like the Grubhub Community Relief Fund, and provide our employees opportunities to support causes that are important to them.