GRC Analyst (m/f/x)
Our Backend Engineers assume development and operational responsibility for the HelloFresh platform that serves millions globally to deliver the best experience for our customers and internal users.
Above all, we are looking for people who will make HelloFresh better. We believe there are many different ways of developing skills and we love diverse experiences! So even if you don’t “tick all the boxes” but think you’d thrive in this role, we would really like to learn more about you.
What you’ll do
We’re looking for a new teammate to join us on the journey of keeping HelloFresh a trusted name - someone with a passion for security and compliance and an appetite for new challenges. A GRC Analyst works in a variety of ways to plan, design, implement and maintain Governance, Risk and Compliance initiatives and the elements that support them.
You will be part of the squad responsible for creating, maintaining and improving HelloFresh’s security risk management program and remediation activities; information security and data privacy related processes, policies, and guidelines; supporting compliance and certification related activities; and driving security awareness and education.
- Assist in the establishment and maintenance of the security risk management program
- Cooperate with various teams to identify, document, assess and remediate security risks
- Support the creation and update of security policies to establish and maintain a strong framework of security controls
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
- Use formal project management skills in planning, tracking, and reporting to close the remediation loop
- Conduct third-party vendor security reviews and assessments regarding their security and data privacy status
- Facilitate and improve the security awareness program of the company
What you’ll bring
- At least 1 year of experience in the fields of information security / Governance, Risk and Compliance (GRC) / IT auditing
- Experience in working with compliance programs (NIST, ISO 27001 / 27007, PCI DSS), standards, and regulations
- Thorough understanding of data privacy regulations (GDPR, CCPA)
- Ability to interpret security guidelines/controls from various security frameworks and map them to the actual implementation of systems
- Experience with the creation and maintenance of information security policies and guidelines
- Experience with developing and executing security awareness programs and trainings
- Excellent interpersonal and communication skills (in English)
What we offer
- Comprehensive relocation assistance to move to Berlin plus visa application support
- Healthy discount on weekly HelloFresh boxes
- Annual learning and development budget to attend conferences or purchase educational resources plus access to the HelloFresh Academy
- Subsidised childcare with a professional nannying agency
- Free access to Headspace, biweekly in-house yoga classes (remote since March 2020)
- A diverse and vibrant international environment of 70+ different nationalities
- Additional perks include: Free crash course in German, compensation for advanced external German classes, discounts for our neighbouring gym & Urban Sports Club, company events and parties, discount on our Convini vending machines
- The chance to have a significant impact on one of the fastest-growing technology companies in Europe in an exciting growth phase
Are you up for the challenge?
Please submit your complete application below including your salary expectations and earliest starting date.
After you submit an application, our team will review it and get back to you within 5 business days.
For insight into our interview process take a look at our recent post here.