Build your career in cybersecurity -
your way

Company Description

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact.

As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you’re interested in working with a passionate team of people who care about the future of Philadelphia, start here.

What we offer

• Impact - The work you do here matters to millions.
• Growth - Philadelphia is growing, why not grow with it?
• Diversity & Inclusion - Find a career in a place where everyone belongs.
• Benefits - We care about your well-being.

Agency Description

The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia’s businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city’s technology assets and the return on the city’s technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency.

In partnership with the Office of the Chief Administrative Officer (CAO) and the Office of the Director of Finance, the Office of Innovation and Technology (OIT) is undertaking a major Citywide project to modernize core financial, grants, procurement, and supply chain business processes. This project (Optimize Procurement and Accounting Logistics Enterprise Resource Planning and Data Warehouse/Business Intelligence Tool, or “OPAL ERP and DW/BI project”) will replace the existing General Ledger and Procurement systems (i.e. FAMIS, ADPICS, ACIS, PHLContracts, etc.) that support these business processes and will enable the City to realize benefits such as reducing transaction processing time and effort, providing better access to information for reporting and analysis, and making it easier to onboard new employees into these functions.

• Gather and document security and access control requirements.
• Meet with functional areas to understand desired controls, segregation of duties and data access requirements.
• Document role-based security profiles for each functional area including require functions and data access for each role.
• Participate in discovery activities with the ERP vendor(s) and share documented requirements.
• Work with functional areas to refine requirements as needed based on future ERP system capabilities and vendor recommendations.
• Learn ERP system functionality including security and access control capabilities.
• Participate in training sessions.
• Review and understand system documentation.
• Configure and deploy security and access controls.
• Participate in development activities when required by ERP vendor(s)
• Validate decisions made by ERP vendor(s) match requirements.
• Document configurations to facilitate future support of access controls and security.
• Participate in other required activities to meet delivery schedule.
• Execute and document unit test cases.
• Develop test cases based on required controls, segregation of duties and data access.
• Validate test cases with functional areas.
• Perform and document testing activities and share results with ERP vendor(s).
• Provide weekly tasks reports to development leads.
• Update and maintain access profiles as needed for any changes in application.
• Prepare for software updates and identify required testing scenarios.
• Review system enhancements and documentation as they are released by the vendor(s).
• Participate in regression testing efforts.
• Monitor system security and access controls.

Required Qualifications

• Completion of a Bachelor's or Master’s degree in information systems, computer engineering, or a related field or equivalent experience.
• 2 – 5 years of experience with ERP systems (Workday), workflows and system security.

Preferred Qualifications

• Experience with implementing ERP and/or DW/BI solutions strongly preferred.

TO APPLY: Interested candidates must submit a cover letter, writing sample, references and resume.

Salary: $90,000

Did you know?

• We are a Public Service Loan Forgiveness Program qualified employer
• 25% tuition discount program for City employees (and sometimes spouses and dependents as well) in partnership with area colleges and universities
• We offer Comprehensive health coverage for employees and their eligible dependents
• Our wellness program offers eligibility into the discounted medical plan
• Employees receive paid vacation, sick leave, and holidays
• Generous retirement savings options are available

The successful candidate must be a city of Philadelphia resident within six months of hire

Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated.

The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to [email protected].

For more information, go to: Human Relations Website: http://www.phila.gov/humanrelations/Pages/default.aspx

What’s so interesting about this role?

As we enter our second year as a public company, Grindr is building on the success we’ve had over our 15-year history in connecting, supporting, and improving the lives of the LGBTQ+ community globally.

As the Director of Cybersecurity at Grindr, your primary focus would be to safeguard the platform's integrity, user data, and privacy while fostering a secure environment for the LGBTQ+ community. Grindr, as a leading social platform for millions of users worldwide, has a unique responsibility to protect its user base from potential threats, given the sensitive nature of the data exchanged on the platform. A successful candidate will bring a strong background in cybersecurity strategy, risk management, and privacy advocacy, ensuring that Grindr remains not only a safe space but also a leader in digital safety for its community.

About Grindr

Grindr is building the global gayborhood in your pocket. With more than 13.5 million monthly active users, Grindr has become a fundamental part of the LGBTQ+ community and is charting a path to make the world more free, equal, and just. Since 2015, Grindr for Equality has advanced safety, health, and human rights for millions of Grindr users and the global LGBTQ+ community in partnership with more than 100 community organizations in every region of the world.

Our next evolution is underway as a public company that continues to grow and build meaningful experiences for our users. From social issues to product innovations, we're setting audacious goals for our community and the business, and leveraging the latest tech stacks and a culture of engineering excellence to make it happen. At the heart of our work in this new chapter is a shared set of operating principles centered around cultivating curiosity, thinking big, setting and expediting our ambitious goals, and growing through iteration; all while keeping our users #1.

Grindr is headquartered in West Hollywood, California, with offices in the Bay Area, Chicago, and New York.With a track record of strong financial performance and plans for continued headcount growth, we’re building a team of talented, passionate, and open-minded people who want to disrupt the dating app space, innovate products, and advance LGBTQ+ culture. Come be a part of this exciting journey with us.

• Implementing and maintaining a cybersecurity program that aligns with business objectives as well as industry-leading frameworks and best practices.
• Leading a team focused on maintaining a risk management program for the company that covers cybersecurity and other critical operations of the business.
• Designing, implementing, and maintaining a robust vulnerability and patch management program that covers all company data assets.
• Ensure that emerging threats are understood and assessed for potential impact and loss of function to our business operations.
• Maintain compliance with multiple regulations and frameworks such as SOX and NIST-Cybersecurity framework, specifically.
• Lead efficient and proactive communications with stakeholders to ensure clarity and alignment on cybersecurity efforts and priorities.
• Collaborate with external auditors and stakeholders to ensure alignment with large compliance efforts.
• Managing an enterprise budget for cybersecurity tools and resources including forecasting and planning.
• You will help to foster diverse thoughts and ideas among your team. Becoming a key part of Grindr’s engineering culture of diversity.

What We'll Love About You

• You have at least 7+ years of experience in leading or managing a program + teams of engineers and enjoy a player-coach role. You can coach and mentor other engineers on best engineering practices as well as their careers!
• Demonstrated knowledge of security technologies, threat analysis, incident response, and security architecture.
• In-depth knowledge of relevant regulations, including Sarbanes-Oxley (SOX), HIPAA, PCI-DSS, and GDPR.
• Strong understanding of business operations and risk management principles.
• Ability to work with product partners to build user-facing safety features, enhance safety protocols, and develop automated tools that address Trust & Safety needs.
• Demonstrates ability to identify safety gaps in new products and define scalable solutions that protect users.
• Strong understanding of cloud platforms, AWS & GCP preferred.
• Deep knowledge of modern deployment pipelines and experience with implementing security controls into the SDLC, GitHub Actions, and Terraform modules are preferred.
• You have been working closely with various levels of business stakeholders, from the C-Suite, VP level, and down, and understand value alignment.
• You have excellent communication, presentation, and documentation skills with the ability to define and communicate the \“big picture\” to key stakeholders at various levels.
• You enjoy working in an in-office environment and collaborating face-to-face with engineers at least 2 days per week.

We'll Really Swoon If You Have

• Experience working within the social networking or dating industry would be a plus.
• Knowledge of Terraform, Helm, Ansible, Chef, Cloudformation, and/or other configuration management tools.
• Experience leading employees through security training and awareness.

This is a hybrid role based in our Chicago or San Francisco offices and will require you to be in the office on Tuesdays and Thursdays.

What you'll love about us

• Mission and Impact: Grindr is building the global gayborhood in your pocket. Your role will impact the lives of millions of LGBTQ+ people around the world. Through our success, we are making a world where the lives of our community are free, equal, and just.
• Family Insurance: Insurance premium coverage for health, dental, and vision for you and partial coverage for your dependents.
• Retirement Savings: Generous 401K plan with 6% match and immediate vest in the U.S.
• Compensation: Industry-competitive compensation and eligibility for company bonus and equity programs.
• Queer-Inclusive Benefits: Industry-leading gender-affirming offerings with up to 90% cost coverage, access to Included Health, monthly stipends for HRT, and more.
• Additional Benefits: Flexible vacation policy, monthly stipends for cell phone, internet, wellness, food, and commuting, breakfast/lunch provided onsite, and yearly travel & leisure stipend.

Grindr is an equal-opportunity employer

To learn more about how we handle the personal data of applicants, visit our Employee and Candidate Privacy Policy.

#LI-Hybrid

Grindr is committed to fair and equitable compensation practices. This base pay range is for the U.S. and is not applicable to locations outside of the U.S. The actual base pay is dependent upon many factors, such as training, transferable skills, work experience, business needs, location, and market demands. The base pay range is subject to change and may be modified in the future. This role will also be eligible for equity, benefits, and a company bonus program.

Chicago Base Pay Range

$218,500 — $257,000 USD

Bay Area Base Pay Range

$249,000 — $293,000 USD

Summary Information about the role

The IT Security Compliance Analyst will have exposure to multiple security and technology areas within the Security Risk and Compliance team and the Bank. Additionally, you will be joining a growing financial services firm with strong culture for excellence with respect to People, Performance and Possibilities.

The IT Security Compliance Analyst’s primary focus is supporting ongoing cybersecurity compliance functions including metric reporting, security policies/procedures, security risk assessments and security education and awareness initiatives. This role requires an individual with knowledge of cybersecurity risk and control frameworks, as well as basic understanding of control testing. Additionally, the role will work closely with other cybersecurity functions to identify opportunities for program and process improvement and supporting implementation of those ideas.

Company Overview

Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC.  AmeriHome Mortgage is a Western Alliance Bank company. Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR@westernalliancebank.com or call 602-386-2488.  When contacting us, please provide your contact information and state the nature of your accessibility issue.  We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process. © Western Alliance Bancorporation

• Support ongoing cybersecurity compliance functions including reporting, security risk assessments and security education and awareness initiatives.
• Collect, validate, and develop reporting on department key risk indicators for senior leadership
• Maintain and report department metrics and tracking tools for various cybersecurity compliance programs.
• Maintain procedures and desk instructions to reflect enhancements and changes to the programs within the department.
• Support requests from internal audit and second line functions.
• Comfort level in asking questions, taking initiative, and building relationships within the team and with other key stakeholders across the company.

Required Qualifications

• Bachelor’s degree in computer science, accounting, finance, or other degrees with relevant information/cyber security work experience.
• At least three to five years of experience in an audit, information security, or cybersecurity risk and controls related role.
• Awareness of cybersecurity and financial services industry.
• Computer proficiency in programs such as SharePoint and the Microsoft Office Suite (Excel, Word, Powerpoint, etc.)
• Practical recent experience with information security frameworks, such as NIST CSF.
• Self-starter with interest in internal controls, technology, and information security.
• Exceptional organizational, analytical, and problem-solving capabilities.

Preferred Qualifications

• Industry certifications (CISA, CRISC, CISM, etc.) preferred but not required.

Benefits you’ll love:

We offer all the important things you'd want — like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you’ll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!