Menu

Security Governance & Compliance Analyst

Apply Now

Developing innovative technologies to revolutionize the payments industry while helping customers transact in global marketplaces is not for the faint of heart. We have big goals and are looking for people to join our team who want to leave a legacy. Just as you are committing to do your best work, we are committed to making this the best place you’ve ever worked. It’s a partnership from the very beginning. If you are looking to step outside your comfort zone, learn new things, apply your skills, collaborate with brilliant people and have fun along the way, then you might be our next Yapster! We promise to provide you with an amazing journey along your career. At Yapstone, we don’t just accept difference — we celebrate it, we support it, and we thrive on it for the benefit of our employees. Yapstone is proud to be an equal opportunity workplace.


The Security Governance and Compliance Analyst is responsible for the execution of security programs such as PCI DSS, SSAE 18, and other standards-based compliance initiatives. The Security Governance and Compliance Analyst will be responsible for executing assessments to ensure compliance with internal and external requirements, identifying risks, and communicating the posture to the Yapstone leadership team. The position will act as the Subject Matter Expert for Security Governance, Risk, and Compliance for Yapstone operations.


Primary Responsibilities

  • PRIMARY RESPONSIBILITIES:

  • • Reviewing and updating Policy & Standards documentation

  • • Project coordination and evidence gathering for compliance assessments

  • • Governance, Risk, and Compliance projects to identify risks/threats

  • • Participation in system hardening configuration review with Software Development Engineering to ensure standards compliance

  • • Review and consolidation of security governance reports

  • • Participation in security architecture reviews

  • • Participation in Security Operations Incident Response Testing and Organizational Business Continuity/Disaster Exercises

  • • Interfaces with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.

  • • Assists in maintenance, and training of Yapstone users on the importance of privacy and security awareness.

  • • Assists in coordination of third-party annual application vulnerability tests, SSAE18, PCI, internal audits and IT security assessment(s).

  • • Participates in resolution of security incidents and completes after action reports to memorialize the findings.

  • • Assists with development and delivery of security awareness training and materials.

  • • Assists with development and delivery of business continuity training and materials.

  • • Participates with business impact analysis and business continuity plan development

  • • Works with GRC and InfoSec tools to collect and maintain security and risk information

Primary Responsibilities

  • PRIMARY RESPONSIBILITIES:

  • • Reviewing and updating Policy & Standards documentation

  • • Project coordination and evidence gathering for compliance assessments

  • • Governance, Risk, and Compliance projects to identify risks/threats

  • • Participation in system hardening configuration review with Software Development Engineering to ensure standards compliance

  • • Review and consolidation of security governance reports

  • • Participation in security architecture reviews

  • • Participation in Security Operations Incident Response Testing and Organizational Business Continuity/Disaster Exercises

  • • Interfaces with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk.

  • • Assists in maintenance, and training of Yapstone users on the importance of privacy and security awareness.

  • • Assists in coordination of third-party annual application vulnerability tests, SSAE18, PCI, internal audits and IT security assessment(s).

  • • Participates in resolution of security incidents and completes after action reports to memorialize the findings.

  • • Assists with development and delivery of security awareness training and materials.

  • • Assists with development and delivery of business continuity training and materials.

  • • Participates with business impact analysis and business continuity plan development

  • • Works with GRC and InfoSec tools to collect and maintain security and risk information

Requirements

  • QUALIFICATIONS:

  • • Bachelor’s degree or equivalent work-based experience.

  • • Prefer 2-3 years’ experience performing compliance assessments, risk assessments, data security assessments, business impact analysis, reviews of key technology platforms/networks/applications and software security.

  • • General understanding of assessing security and privacy risks around technologies and trends.

  • • General understanding of business continuity and disaster recovery.

  • • General understanding of assessments and audits.

  • • Project coordinator or project management experience preferred.

  • • Microsoft Office Experience with SharePoint, Excel, Word, PowerPoint is preferred.

  • • Genuine passion/interest for problem solving.

  • • Armed services veteran is a plus

  • Yapstone is an equal opportunities employer.

Requirements

  • QUALIFICATIONS:

  • • Bachelor’s degree or equivalent work-based experience.

  • • Prefer 2-3 years’ experience performing compliance assessments, risk assessments, data security assessments, business impact analysis, reviews of key technology platforms/networks/applications and software security.

  • • General understanding of assessing security and privacy risks around technologies and trends.

  • • General understanding of business continuity and disaster recovery.

  • • General understanding of assessments and audits.

  • • Project coordinator or project management experience preferred.

  • • Microsoft Office Experience with SharePoint, Excel, Word, PowerPoint is preferred.

  • • Genuine passion/interest for problem solving.

  • • Armed services veteran is a plus

  • Yapstone is an equal opportunities employer.

Apply Now

Our Benefits

  • We offer comprehensive health, dental, and vision wellness plans for you and your family with low employee premiums.
  • You work hard every day to build the future of our company, so we’ll help you build your future with a 401(k) plan that features employer match.
  • We encourage and support our teams to take time off to recharge and reboot because changing how the world pays is no easy task.
  • We care about the community where we work. Through YapCares, you get 8 hours of paid volunteer time off each year to make a difference.
  • Enjoy food, fun and camaraderie with breakfasts, dinners, snacks, social hours and events.
  • A great location in the East Bay that is a reverse commute for many Yapsters, and we’re right across the street from BART.