At Warby Parker, we’ve proven that businesses can scale, be profitable, and do good in the world. Now, we’re searching for a motivated and experienced Governance, Risk, and Compliance (GRC) Security Analyst to help us on this mission. In this role, you will be supporting the security strategy of the business within new and existing information system capabilities. Consequently, the position requires an understanding of both legacy systems and the latest technologies and requirements. As a key member of the Security team, the GRC Security Analyst must focus not only on compliance, but also on proactive risk management and overall corporate resiliency.
What you’ll do:
- Build strong relationships with internal teams, providing expert guidance on managing, improving, and implementing effective IT and compliance general controls
- Retain expertise in one (or more!) compliance standards, including Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), National Institute of Standards and Technology (NIST), and International Standards Organization (ISO) 27001
- Collaborate closely with external and internal audits, maintain and support audit processes with detailed documentation, reporting, and accompanying technology recommendations
- Support the design, identification, tracking, and testing of key controls for IT systems and applications that impact financial reporting for the company
- Assist with various ongoing risk assessments, analyze findings, document recommendations, and monitor and report on remediation processes to security leadership
- Monitor current and proposed security changes that may impact the regulatory, privacy, and security industries’ best practices
- Assist with ongoing policy design and modification; ensure that the Security team maintains up-to-date configuration documentation for all systems and processes
Who you are:
- The proud owner of a degree in computer science or an information security-related field (or equivalent work experience)
- Backed by 3+ years of experience as a cybersecurity practitioner
- Equipped with 3+ years of experience working in Governance, Risk, and Compliance functions with a specific focus as a Subject Matter Expert (SME) on Sarbanes-Oxley (SOX) compliance
- Equipped with an understanding of various regulatory requirements and laws, including but not limited to Sarbanes-Oxley (SOX), PCI, HIPAA, CCPA, ISO 27001/2, ITIL, and NIST frameworks
- A well-rounded self-starter with business acumen, security technology skills, and a proven ability to align with security practices and compliance responsibilities
- A team player with excellent written and oral communication skills—you communicate clearly, kindly, and often, both within your department and across the organization
- A proactive problem-solver who is able to manage complex local and international security requirements
- A well-organized, proactive thinker with the vision to position controls in anticipation of threats
Extra credit:
- Experience using GRC systems from vendors such as ProcessUnity, RSA, and ZenGRC
- Cybersecurity or risk-related certifications such as CISA, CISSP, and Security+
Some benefits of working at Warby Parker for full-time employees:
- Health, vision, and dental insurance
- Life and AD&D Insurance
- Flexible vacation policy
- Paid Holidays
- Retirement savings plan with a company match
- Parental leave (non-birthing parents included)
- Short-term disability
- Employee Assistance Program (EAP)
- Bereavement Support
- Education Reimbursement
- Free eyewear
- And more (just ask!)
Warby Parker, in good faith, believes that the posted salary range is accurate for this role in New York at the time of posting. Warby Parker may pay more or less than the posted range based on factors such as relevant experience and skills, qualifications and location, among others. This range may be modified in the future. In addition to base salary, this role is also eligible to receive an equity bonus as part of the total compensation package. Details and eligibility will be discussed during the application process.
New York Pay Range: $113,750 USD - $130,000 USD
If you are a California resident, please review the additional privacy disclosures available in Section 8 of our Privacy Policy, which provides a summary of how we collect, use, disclose, and share personal information about you and explains your rights under the California Privacy Rights Act (“CPRA”).
About Us:
Warby Parker was founded with a mission: to inspire and impact the world with vision, purpose, and style.
We're constantly asking ourselves how we can do more and make a greater impact, and that starts by reimagining everything that a company and industry can be. We want to demonstrate that a business can scale while doing good in the world, without charging a premium for it. And we’ve learned that it takes creativity, empathy, and innovation to achieve that goal.
Since the day we launched in 2010, we’ve pioneered ideas, designed products, and developed technologies that help people see. We offer everything you need for happier eyes at a price that leaves you with money in your pocket, from designer-quality glasses and contacts to eye exams and vision tests, and you can meet us online, at our stores, or even in your home. Wherever and whenever you need it, we’re there to make exceptional vision care simple and accessible. (Delightful, too.)
Ultimately, we believe in vision for all, which is why for every pair of glasses or sunglasses we sell, a pair of glasses is distributed to someone in need through our Buy a Pair, Give a Pair program.