Job Description

At impact.com our culture is our soul. We are passionate about our people, our technology, and are obsessed with customer success. Working together enables us to grow rapidly, win, and serve the largest brands in the world. We use cutting edge technology to solve real-world problems for our clients and continue to pull ahead of the pack as the leading SaaS platform for businesses to automate their partnerships and grow their revenue like never before. We have an entrepreneurial spirit and a culture where ambition and curiosity is rewarded. If you are looking to join a team where your opinion is valued, your contributions are noticed, and enjoy working with fun and talented people from all over the world, then this is the place for you!

impact.com is the global leader in Partnership Automation. We work with enterprise and innovative brands like Ticketmaster, Levi’s, Microsoft, Airbnb, and Uber to help them manage all different types of partnerships. From social influencers, B2B, strategic partners, publishers, and traditional affiliates, we have them covered. Our combined suite of products covers the full life partnership lifecycle including onboarding, tracking ads and paying partners, recruiting for new partners, data and marketing intelligence, and protection from fraud. Founded in 2008 by the same team that founded Commission Junction, impact.com has grown to over 1000 employees and 14 offices across the United States, Europe, Africa, and Asia.

Why this role is exciting: 

As an GRC Controls Administrator you will work with internal and external stakeholders across all squads to contribute to the maturation of impact.com's systems, controls, applications and processes. By assessing and recommending standards and controls, you will work within a team to influence the improvement of impact.com's Cybersecurity Program and work closely with employees and partners to ensure standards are measured, upheld and matured.

 As an individual, you complete tasks and projects with minimal supervision and act as a vital member of the global information security team.

What you will be doing: 

• Participate as a member of the Information Security team in all compliance projects and engagements and initiatives
• Participate in annual PCI-DSS, ISO and SOC assessments and audit
• Assist with requests from internal and external partners and contribute to the Third Party Risk Management process such as vendor onboarding and continuous vendor .
• Participate in engagements with teams across business units to translate governance requirements and standards into tangible controls and
• Stay abreast of emerging compliance regulations and standards with the aim of constantly improving the organisations security posture.
• Be active in the Cybersecurity communities and stay informed on current threats, attack techniques and strategies
• Open to change and ability to pivot to different priorities and situations
• Must be able to work well independently as well as part of a larger team
• Ability to work on a diverse team with a diverse range of people

Does this sound like you?

• Knowledge of Security Frameworks and best practices (PCI-DSS, NIST, ISO27001, etc).
• Experience in IT management workflow solutions such as ServiceNow
• Risk Management frameworks and processes.
• Experience in IT engineering, security governance or related fields
• Threat and vulnerability management policies, systems and remediations
• Ability to translate control requirements into technical 
• Documenting, implementing and measuring controls and processes
• Able to conduct assessments and communication of the results thereof
• An industry related certification (ex. CEH, CISSP, CISA).
• Experience with technical and narrative writing.

Nice to have:

 Affiliate & Partnerships Industry Fundamentals Certification by PXA

Benefits/Perks:

• Casual work environment, including working from home
• Flexible work hours
• Unlimited PTO policy
• Take the time off that you need. We are truly committed to a positive work-life balance, recognising that it is important to be happy and fulfilled in both
• 6 month paternity/maternity leave
• Training & Development
• Learning the advanced partnership automation products
• Medical Aid and Provident Fund 
• Group schemes with Discovery & Bonitas for medical aid
• Group scheme with Momentum for provident fund
• Restricted Stock Units
• 3-year vesting schedule pending Board approval
• Internet Allowance
• Fitness club fee reimbursements

Impact is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, colour, ethnicity, religion, creed, national origin, ancestry, genetics, sex, pregnancy or childbirth, sexual orientation, gender (including gender identity or non-binary or nonconformity and/or status as a trans individual), age, physical or mental disability, citizenship, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know.