Senior Information Security Analyst

Ibotta is seeking a collaborative, team-focused Senior Information Security Analyst to join our innovative team and contribute to our mission to Make Every Purchase Rewarding.

In this role, you will use your knowledge and experience to lead various compliance initiatives across Ibotta (SOC2, internal audit, security awareness training, etc.), manage incident response and disaster recovery/business continuity programs, and collaborate cross-functionally on information security program development, maintenance, and enforcement to minimize Ibotta’s risk exposure through security by design.

This position is located in Denver, Colorado, or with the option of full-time remote. Candidates must live in the United States.

What you will be doing:

• Embrace and uphold Ibotta’s Core Values:  Integrity, Boldness, Ownership, Teamwork, Transparency and Advocate for Savers.

• Work with stakeholders to define and refine Ibotta’s security policies and procedures to enable a proactive security approach.

• Organize and manage Ibotta’s external SOC 2 assessments.

• Lead and conduct regular cross-functional incident response, business continuity and disaster recovery tabletop exercises, build out and expand programs as necessary.

• Oversee the company security awareness program.

• Subject matter expert (SME) to internal and external customers by providing expertise, advice, and support on security-related inquiries and incidents.

• Have a thorough understanding of Ibotta’s product and operations to identify where new compliance and security efforts could minimize operational risk.

• Conduct third-party/supplier audits, client RFP/due diligence reviews.

• Perform in depth data analysis related to security tool logs and correlate with threat events to execute proactive and corrective actions.

• Monitor and manage security solutions that include vulnerability management tools, cloud security posture management tools, and endpoint protection tools. Design and implement systems and processes to track, monitor, and report compliance with information security policies and procedures as well as security program performance.

• Act on KPI results to make continuous security program improvements.

• Keep abreast of changes to security industry best practices, applicable laws, and security alerts from relevant vendors and sources (ex: US-CERT).

• Recommend and evaluate third party technology and/or services to enhance Ibotta security.

• Assist in the implementation, adoption, and support of technology as needed.

• Coordinate and conduct internal security audits in alignment with SOC 2 standards and principles.

• Participate in 24/7 incident response on-call rotation.

• Coordinate investigation and reporting of security incidents.

• Conduct data-centric risk assessments.

What we are looking for:

• 5+ years of work experience in an information security-based role with direct experience leading security compliance initiatives (ie NIST, PCI, SOX) and SOC2 audits

• Bachelor’s Degree

• Knowledge and hands-on experience with SOC2, NIST frameworks. SOX experience a plus.

• Experience with securing and maintaining compliance in Cloud Environments, AWS preferred.

• Experience with fraud and abuse investigations, incident response

• Security-related certifications (eg. CompTia Security+, CISSP, CISA, CRISC, CSSP, CISM, CEH).

• Experience with risk assessment, controls identification and testing.

• Familiarity with Unix/Linux environments, basic working knowledge of security testing tools (Kali Linux, nmap, Nessus, Burpsuite).

• You can maintain professional, positive demeanor in high-pressure circumstances.

• Ability to look creatively at the big picture, to follow trends beyond obvious attributes.

• Collaborative mindset – a track record of cross-functional success in a team environment.

• Manage multiple projects/issues concurrently.

• Excellent written and verbal communication skills. (A cover letter detailing why you are interested in this specific position is encouraged.)

About Us:

Built in Denver, CO, Ibotta ("I bought a...") is a free mobile shopping app that gives users cash back on groceries and more. Through our partnerships with brands and retailers like Procter & Gamble, Kraft Heinz, Kellogg, Amazon, Walmart, Target and Uber, we’ve delivered over $800 million in cumulative cash rewards to our Savers. Guided by our values and our mission to make every purchase rewarding, we come to work energized by the business problems we get to solve, the technology we get to build, and the people we get to innovate (and have fun) with. Ibotta made Inc.’s 2020 list of the 5000 fastest-growing private companies in the U.S. for the third consecutive year. In 2019, we became the first mobile consumer technology company in Colorado to achieve $1B in valuation.

Additional Details:

• This position is located in Denver, CO, or with the option of full-time remote, and includes competitive pay, flexible time off, benefits package (including medical, dental, vision), Lifestyle Spending Account, 401k match, and equity.

• Base compensation range: $115,000 - $135,000.

• Ibotta is an Equal Opportunity Employer. Ibotta’s employment decisions are made without regard with race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected status

• Applicants must reside in and be currently authorized to work in the United States on a full-time basis.