Job details

Senior Security Analyst, Risk & Compliance

Turo is the world’s largest car sharing marketplace where you can book the perfect car for wherever you’re going from a vibrant community of trusted hosts across the US, UK, Canada, Australia, and France. Whether you're flying in from afar or looking for a car down the street, searching for a rugged truck or something smooth and swanky, Turo puts you in the driver's seat of an extraordinary selection of cars shared by local hosts.

About the team

Turo is searching for a highly motivated and versatile Senior Security Analyst (Governance, Risk and Compliance) to join our IT & Security governance team. Under the guidance of the Sr. Director, IT & Security and working closely with our Security Engineering Team Lead, you will own the responsibilities of managing third-party risk assessments (vendors, professional services, managed services, etc), managing the risk register and developing key security risk metrics. Furthermore, you will be the point person for running external security and compliance audits - for example - SOC 2 Type 2, ISO 27001, SOX ITGC, while ensuring GDPR and CCPA compliance is met.

Additionally, you will work in depth with other internal teams within Turo to ensure Turo meets our Security, Privacy and Compliance commitments. You will partner with counterparts in IT & Security, Internal Audit, Privacy, and Legal teams to help us manage and maintain our security risk management program, and work closely with the business stakeholders and procurement partners to ensure a smooth vendor purchasing and on-boarding experience.

What you will do

Engage with cross platform teams across Turo to understand the Security, Privacy and Compliance aspects of the business with risks associated with third parties.,
Assist in implementation and evaluation of regulatory compliance initiatives along with third party external audits to help Turo achieve compliance in the following frameworks - SOX ITGC, SOC 2 Type 2, ISO 27001/2/17&18, GDPR and CCPA.
Work with our Security team in successfully completing third party external audits of the above mentioned frameworks and assist in GAP analysis, evidence gathering, reporting and dash-boarding of tasks due for the audit.
Maintain and update security and compliance policies and procedures and ensure current processes follow the written standard across all teams.
Own security risk management at Turo. Maintain risk register, add new risks, track current ones and work on resolution by partnering with cross functional teams.
Build, maintain, and optimize our security GRC technology stack.
Bring your creativity to bear by proposing innovative approaches and emerging technologies to help solve security compliance challenges
Stay up to date on emerging information technology trends and security standards.

Your profile

4+ years of experience in Privacy, Security, Compliance and Risk Management.
Thorough and working knowledge of global security, privacy, and/or risk management regulations, standards, and frameworks.
Advanced knowledge of CSPs primarily with AWS and its Security and Compliance services.
Working knowledgeable of ticketing systems such as JIRA, ServiceNow and GRC tools such as ZenGRC, LogicGate, and OneTrust.
Experience with security audit frameworks such as SOX, ISO 27001/2, GDPR, CCPA, SOC2, etc.
A Bachelors in Computer science, Information Systems, Engineering, or Cybersecurity or relevant work experience

Bonus if you have

The proven ability to work independently with minimal supervision and ability to perform and oversee complex tasks and prioritize multiple tasks based on overall strategic goals
Real passion for technology and desire to tackle complex problems with creative solutions
The capability to interface with multiple levels of the organization and to serve as an influencer and a team player
Strong presentation, facilitation, and written/verbal communication skills
Masters in Computer Science, Information Security or related degree

The San Francisco base salary target range for this full-time position is $157,000-$175,000 + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position in this location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your work location during the hiring process.
#LI-KC1

#LI-EG1

Benefits

Competitive salary, equity, benefits, and perks for all full-time employees
Employer-paid medical, dental, and vision insurance (Country specific)
Retirement employer match
$2,000 Learning & Development stipend to invest in your professional development
$1,000 USD Turo host matching and $1,500 USD vehicle reimbursement program
$100 USD Monthly Turo travel credit
Cell phone, internet and Fringe benefit stipend
Paid time off to relax and recharge
Paid holidays, volunteer time off, and parental leave
For those who are in the office full-time or hybrid we have weekly in-office lunch, office snacks, and fun activities
Annual Turbo Week (week-long, company-wide conference)

We are committed to building a diverse team. If you are from a background that's underrepresented in tech, we'd love to meet you.

Aside from an award winning work environment and the opportunity to be part of the world’s largest car sharing marketplace, we are also growing the team quickly - join us! Even if you don't meet every qualification, we are looking for people with enthusiasm for what we do and we will consider you for this and other possibilities.

Turo is an Equal Opportunity Employer and a participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. We welcome people of different backgrounds, experiences, abilities and perspectives.

Turo will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance, as applicable.

We welcome candidates with physical, mental, and/or neurological disabilities. If you require assistance applying for an open position, or need accommodation during the recruiting process due to a disability, please submit a request to People Operations by emailing PeopleOps@turo.com.

About Turo

Discover Turo at https://turo.com, the App Store, and Google Play, and check out our blog, Field Notes.

Read more about the Turo culture according to Turo CEO, Andre Haddad.