Security Analyst

AI overview

Play a key role in enhancing Booksy's security posture by implementing an effective GRC framework and ensuring compliance with industry standards.

Working in a rapidly growing, ever-changing scale-up comes with its own set of opportunities and challenges. If you prefer a stable environment, with clear processes and structures then, we've got to be honest, you won't always find that here. However, if you enjoy inventively solving problems with others, helping create clarity when things get confusing, and prioritising your own path within ambiguity, then the chances are that you'll love the opportunities available to grow your career at Booksy.

The people you’ll like to work with and things you'll enjoy impacting:

As a Security Analyst reporting into the Director of Enterprise Technology in our Enterprise Technology team, your role will play a key part in ensuring the organisation's security posture is robust and aligned with industry best practices and regulatory requirements. As a Security Analyst, you will therefore be responsible for implementing and maintaining an effective GRC framework, conducting risk assessments, and driving continuous improvement of our security controls.

Some of your responsibilities will include:

  • Develop, implement, and maintain an effective GRC framework, including policies, procedures, and standards.
  • Collaborate with other risk-management teams to identify and prioritize security risks.
  • Develop and maintain an inventory of security controls (ITGC) and ensure their effectiveness through regular testing and monitoring.
  • Advise System Owners on the most effective implementation of IT Controls in the context of their systems.
  • Conduct internal compliance assessments and assist with regulatory compliance efforts (e.g., NIS2, PCI-DSS, SOX, GDPR).
  • Prepare and present reports on security risks and compliance status to management.

Requirements

Essentially, to ensure you succeed in this role you’re going to need:

  • Good understanding of technical and organizational security concepts and their consequences for Booksy.
  • Sound experience in defining and operating GRC frameworks and IT Control Frameworks. 
  • Ability to plan inter-team projects including multiple stakeholders. Define expectations from every project member and project timelines. Coordinate project delivery and escalations.
  • Ability to identify risks in and around systems and business processes, determine long-term solutions (backed up by custom analysis), and lead the project to implement them.
  • Experience with security control frameworks (e.g., NIST Cybersecurity Framework, CIS Controls).
  • Knowledge of relevant security standards and regulations (e.g., NIS2, PCI-DSS, GDPR, SOX).
  • Experience with GRC automation tools (e.g., OneTrust, ServiceNow, RSA Archer) is a plus.
  • Relevant certifications (e.g., CISSP, CISM, CISA, CRISC) are a plus.

At a minimum we require conversational level English language skills. Why? English is our company language and is used for any business-wide communications, so we need you to be able to speak English to feel like an integrated part of Booksy.

Benefits

Some of the benefits we offer are:

  • The opportunity to be part of something big - the world's fastest growing beauty marketplace
  • Flexible working hours and opportunity to work remotely within your country
  • Work in a welcoming team which is always ready to help
  • Opportunity to develop in an international environment - we have teams in 6 countries
  • Additional benefits that might differ depending on the location

How AI helps us find great people:

Think of our AI tool as a really smart assistant for our recruitment team. Its job? To help us move faster, stay consistent, and make sure no great candidates are overlooked. Every application goes through the same AI review to help us spot skills that match the role - but don’t worry, AI never makes the decisions. Real people do. Our recruiters and hiring managers handle every final call. And we regularly review how the tool is used to keep things fair, ethical, and compliant with data protection laws. Curious about how it works? You can always ask how AI was used in your application - it won’t affect your chances in any way.

If you have questions, just drop us a note - we’re happy to explain more.

Our Diversity and Inclusion Commitment:

We work in a highly creative and diverse industry so it goes without saying that we strive to create an inclusive environment for all. We welcome people from all backgrounds and are committed to fair consideration in our hiring process. If you have any accessibility needs or require reasonable adjustments during the interview process, please contact us at [email protected], so we can best support you.

Who Are We? We’re Booksy and we have a passion for appointments. Not only do we have a passion for appointments but we strive to make them as easy as possible. Booksy is an appointment scheduling app that helps health and beauty pros amplify their craft and run their businesses without worrying about the boring, nitty gritty details. We know what you’re thinking—this is a young and fun company where happy hours are frequent and work consists of free snacks and socializing. Sounds ideal, right? Wrong. While we do enjoy the fun stuff, we take the most pride in owning our roles. Come to work and be present, engaged, and confident that the work you’re doing directly impacts the success of our company and our customers. We’ve come a long way, but we’re looking for people to take us above and beyond because we sure as hell have a ways to go. And on Thursdays, we work extra hard, because happy hour starts at 4 and we can’t be late. Before you get too attached, we want to be transparent with you. We are not hand-holders, or babysitters or a step-by-step IKEA instruction manual or a soccer dad holding a travel mug on the sidelines screaming at you to “trap, tap, and go!” We’re doers and seekers who are looking for people with grit, people who can take an inkling of direction, execute against it, and run like the freakin’ wind. We give you permission to ask for forgiveness.
