A bit about us
GroundTruth is the leading location-based marketing and advertising technology company. Sitting at the convergence of offline and online data, GroundTruth delivers a unique data set called “visitation data,” which allows brands, agencies, SMBs, and non-profits to drive high-performing business outcomes (ROI). GroundTruth activates this data through a suite of performance products and services via their self-serve advertising platform, through managed services, or tailored partnerships. GroundTruth has built proprietary filtering processes that combines our BlueprintTM contextual mapping technology, owned & operated properties, along with 3rd party mobile location data, together yielding over 30B visits annually.
- Provide assistance with the execution, monitoring and testing of the company’s IT global compliance policies and procedures
- Ensures accurate identification, communication, and mitigation of risks, processes, and internal control gaps with potential adverse operational, financial, strategic and compliance risk implications.
- Own the follow up on action plans to ensure appropriate and timely mitigation of identified risks.
- Work with IT and Engineering stakeholders in auditing current procedures and policies, analyze results, and identify remediation activities
- Assist in developing metrics to measure and track compliance, risk and the effectiveness of the IT cyber security compliance program
- Coordinate response to 3rd party security questionnaires
- Drive company Business Continuity planning, Disaster Recovery, Security Incident Response planning and tabletop exercises
- Assists in the design of automation to enable scalability of the compliance
- Create and maintain data and documentation chronicling company compliance with policies, standards, and regulations
- 3- 5 years of experience in technical audit and/or security
- University degree in Technology, Engineering, Business or equivalent.
- Hands-on experience reviewing and testing common IT & Engineering technologies including OS, databases, network infrastructure, application security, identity framework, Linux/Windows system security, networking, mobile device security, cloud technologies and applications (IaaS, IDaaS, SaaS, PaaS environments, etc.).
- Hands on experience assessing security and compliance risks and controls in technology processes, cloud applications, cloud infrastructure, and on-prem infrastructure.
- Experience formulating audit testing plans, steps, and procedures.
- Strong audit documentation skills.
- Ability to work independently, multitask and lead multiple projects to a timely completion.
- Experience implementing and/or auditing controls from common industry and regulatory frameworks and standards (e.g., NIST-CSF. CIS-CSC, SOC I & II, ISO 27001, PCI-DSS, OWASP, ITIL, etc.) are a plus.
We are an equal opportunity employer and value diversity, inclusion and equity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Applicants with disabilities may be entitled to reasonable accommodations under applicable federal, state and/or local laws. If you need reasonable accommodations in the application process, please reach out to us at firstname.lastname@example.org.