CrawlJobs Logo
SpotHero Logo SpotHero · IT - Administration

Security & Risk Analyst

United States; Canada, Chicago 69600.00 - 87000.00 USD; CAD / Year · Job Posted January 18, 2026
Apply Position
Job Link Share

Job Description

As a Security and Risk Analyst at SpotHero, you will be responsible for safeguarding our marketplace, preventing financial losses, and protecting customer trust. This role is essential to SpotHero’s ability to provide a secure, seamless payment experience and maintain our relationships with our payment partners. The Security and Risk Analyst will identify and stop fraudulent transactions before they occur, reduce dispute ratios and associated fees, and ensure our marketplace remains a trustworthy environment for drivers and partners alike. Your work will directly preserve revenue, reduce chargebacks, and strengthen SpotHero’s risk posture across the platform. This is a great opportunity for someone looking to grow in the areas of data-driven fraud prevention and security operations within a fast-paced dynamic environment.

Job Responsibility

  • Monitor real-time transactions, user activity, and system alerts to identify emerging fraud indicators
  • Investigate suspicious transactions involving CNP fraud, account takeovers, identity misuse, discount/promo abuse, and other marketplace-specific risks
  • Apply a preventative mindset to ensure secure payments and minimize payment disputes, chargeback fees, and operational exposure
  • Analyze transaction data to identify fraud trends, behavioral anomalies, and systemic vulnerabilities
  • Propose rule adjustments, thresholds, and workflow improvements to reduce vulnerabilities and fraud losses
  • Partner with Software Security, Data, Product, Engineering, and Operations to strengthen controls and inform fraud mitigation strategies
  • Provide fraud-focused recommendations during product launches, payment flow updates, or new feature development to ensure preventive controls are embedded early
  • Contribute to the enhancement of dashboards, review queues, case management workflows, and reporting accuracy
  • Identify opportunities to automate manual review tasks and enhance detection logic
  • Maintain precise, audit-ready documentation that supports dispute evidence, compliance requirements, and internal risk governance
  • Contribute to policy and process updates for fraud prevention and security
  • Educate internal teams on fraud awareness and best practices

Requirements

  • 3–5+ years of experience in fraud detection, risk analysis, or payments fraud within a high-volume marketplace, fintech, or e-commerce environment
  • Strong analytical skills with the ability to identify patterns and anomalies in large data sets using dashboards, fraud tools, and/or SQL for deeper pattern analysis
  • Experience working with payment processors and familiarity with chargeback workflows and evidence collection
  • Familiarity with online payment systems, account authentication, or transaction monitoring
  • Strong communication skills for sharing findings, risks, and insights with both technical and non-technical stakeholders
  • Exceptional attention to detail, accuracy in documentation, and the ability to operate independently in a fast-paced environment
  • Knowledge of PCI-DSS and other compliance standards

What we offer

  • We cover a generous portion of Medical Premiums, 50% of Dental and Vision Premiums, company-sponsored Life Insurance, STD, and AD&D coverage, a 401(k) with match and immediate vesting, and comprehensive leave policies
  • Canada: We offer Medical (prescription drug and paramedical coverage), Dental, Vision, Life Insurance, STD, and LTD
  • Flexible PTO policy and outstanding work/life balance
  • Grubhub weekly lunch stipend for in-office days (Uber Eats for Canada)
  • Udemy License and Personal Learning Budget
  • Annual parking stipend
  • The opportunity to collaborate with fun, innovative, and passionate people in a casual yet highly productive atmosphere
  • Our commitment to allyship has been a central driver of how we Respect Fellow Drivers. You’ll have the opportunity to be part of Employee Resource Groups, access allyship learning resources, and actively contribute to our ongoing effort of making SpotHero inclusive for all
  • Employee programs to grow and support our people such as Discovery Days for Product and Engineering, Gearing up for Aspiring Leaders, and Mentorship Program
  • Wellness program – a workplace that actively supports your physical and mental wellbeing through ongoing events, initiatives, resources, and thoughtful perks and benefits
SpotHero - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Security & Risk Analyst

8 matching positions

Security Risk Analyst

True Flexibility (Fully Remote): This organization prioritizes the well-being of...
Location
Location
Japan , Tokyo
Salary
Salary:
7000000.00 - 10000000.00 JPY / Year
https://www.randstad.com Logo
Randstad
Expiration Date
May 13, 2027
Flip Icon
Requirements
Requirements
  • 4+ years of practical experience in information security roles
  • Formulation, deployment, and optimization of information security guidelines
  • IT system risk analysis and formulation of improvement plans
  • Definition, design, and implementation of security requirements in collaboration with system departments
  • Ability to proactively lead discussions with stakeholders, and autonomously execute requirements gathering, confirmation of alignment with processes/policies, and evaluation of residual risks
  • Technical background in information security, including cloud infrastructure, SaaS applications, and new technology areas
  • Ability to understand technical content and appropriately communicate it to stakeholders, as well as ability to evaluate the security environment and escalate residual risks to executive management
Job Responsibility
Job Responsibility
  • Driving initiatives and collaborating daily with key stakeholders across the US, EU, and APAC regions
  • Global impact work
What we offer
What we offer
  • True Flexibility (Fully Remote)
  • Robust internal training
  • Corporate culture prioritizing internal promotion
  • Health insurance
  • Pension insurance
  • Employment insurance
  • Saturdays off
  • Sundays off
  • Holidays off
  • Bonus 25%
  • Fulltime
Read More
Arrow Right

Information Security Risk Analyst

We are seeking a proactive, curious and hands-on Information Security Risk Analy...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
optiver.com Logo
Optiver
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 2 years of professional experience in information security, technology risk, GRC, or a related field, ideally in an in-house environment
  • Experience in project management
  • Solid understanding of fundamental information security concepts
  • Comfortable managing multiple priorities concurrently while maintaining high-quality output under time pressure
  • Strong communication skills (written and verbal), with the ability to convey clear, concise updates to both technical and business stakeholders
  • Able to work effectively across global teams and time zones, while also operating independently and knowing when to align
  • Comfortable using modern tools, including data analysis/reporting platforms, and leveraging AI to improve efficiency and quality
  • Pragmatic and structured in problem-solving, with a focus on practical, outcome-driven solutions
  • Proactive, accountable, and curious, with a strong sense of ownership and a desire to continuously learn and deepen expertise
Job Responsibility
Job Responsibility
  • Assist with policy maintenance, tracking implementation progress, and ensuring business adoption across global locations
  • Contribute to regulatory and audit responses by gathering evidence, interpreting requirements, and producing clear, accurate inputs
  • Support the management of the global security training and awareness program
  • Coordinate and support regular security control assessments, risk reviews, and assurance activities to verify that controls are operating as intended
  • Help maintain and strengthen Optiver’s control framework by identifying gaps, driving follow-up actions, and collaborating with technical and business teams
  • Support data analysis and automation efforts to streamline reporting, improve accuracy, and enable more efficient GRC processes
What we offer
What we offer
  • A performance-based bonus structure unmatched anywhere in the industry
  • The opportunity to work alongside best-in-class professionals from over 50 different countries
  • 25 paid vacation days in your first year, increasing to 30 from your second year onwards
  • Training opportunities, discounts on health insurance, and fully paid first-class commuting expenses
  • Extensive office perks, including breakfast, lunch and dinner, world-class barista coffee, in-house physio and chair massages, organized sports and leisure activities, and Friday afternoon drinks
  • Training and continuous learning opportunities, including access to conferences and tech events
  • Competitive relocation packages and visa sponsorship where necessary for expats
  • Fulltime
Read More
Arrow Right

Security risk analyst - Issue and policy exception

We are looking for a highly skilled and motivated analyst to join the policy exc...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree required (MIS, Information Systems, IT, Cybersecurity, or related field preferred)
  • 5–8 years of experience in Governance, Risk & Compliance (GRC), IT risk, information security compliance, or internal audit
  • Minimum 2-4+ years of experience in an IT ticket-based support environment
  • Candidate must be proficient at Microsoft office tools such as Outlook, Excel and suite of Microsoft Tools
  • Strong analytical, problem-solving, and documentation skills
  • Ability to communicate complex concepts to non-technical stakeholders
  • Understanding security controls as they apply to GRC (Governance, Risk, and Compliance) across the enterprise
  • Ability to analyze metrics and generate executive-level reporting and insights
  • Adaptability to a dynamic and fast-paced environment
  • Strong organizational and time management skills
Job Responsibility
Job Responsibility
  • Day to day queue management for the policy exception and issue records
  • Host weekly office hours calls for stakeholder support and the advancement of the records
  • Perform initial ticket triage to ensure healthy records for further processing
  • Monitor tickets and investigate the instances of delay in processing
  • Escalate conditions or concerns to management and leads regularly
  • Communicate in a brief manner via email/text and reliably update the associated tickets for good document practice
  • Fulltime
Read More
Arrow Right

Security Control Analyst - Risk & Controls Specialist

FinXL by Randstad Digital focuses on developing client's Networking, Digital and...
Location
Location
Australia , North Sydney
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience translating NIST 800-53 controls into business-friendly language and practical control requirements
  • Experience defining control requirements, control parameters and implementation guidance
  • Policy, standards, and control documentation writing experience
  • Experience running stakeholder workshops, gathering requirements and working directly with control owners
  • Control assurance, controls testing, evidence collection, and attestation experience
  • Experience in Group Risk, Operational Risk, Technology Risk, Controls Assurance or Compliance
  • Experience & understanding of how security controls operate in practice
  • ServiceNow experience, particularly CAM
Read More
Arrow Right

Risk & Information Security Associate Analyst

We are looking for a highly organized, detail-oriented Risk & Information Securi...
Location
Location
Cyprus , Nicosia
Salary
Salary:
Not provided
www-ap.albourne.com Logo
Albourne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–3 years of professional experience
  • Excellent organizational skills with the ability to manage multiple workstreams and meet deadlines in a dynamic environment
  • Strong written and verbal communication skills, including the ability to prepare concise, well-structured documents and interact professionally across all levels of the business
  • Meticulous attention to detail, particularly in preparing audit materials, compliance documentation, and reviewing access controls
  • Proactive and self-motivated, able to work independently and across time zones without direct daily supervision
  • Comfortable handling sensitive and confidential information with discretion
  • Interest in technology, cybersecurity, and enterprise risk
  • Basic understanding of information security principles and frameworks (e.g., ISO 27001, NIST)
  • Ability to interpret and work with structured information (e.g., policies, risk registers, audit plans)
  • Capable of coordinating inputs from multiple stakeholders and compiling them into coherent outputs (e.g., committee papers, training summaries, client DDQs)
Job Responsibility
Job Responsibility
  • Monitor and report on the effectiveness of information security controls
  • Support the identification, tracking, and resolution of security incidents or weaknesses
  • Assist in maintaining security metrics and dashboards for internal reporting
  • Contribute to the assessment of operational, technology, and third-party risks
  • Assist in evaluating controls and proposing mitigation strategies aligned with risk appetite
  • Participate in internal audits and control testing, ensuring timely remediation of findings
  • Help maintain and enforce security and risk management policies and procedures
  • Support compliance with relevant data protection, privacy, and information security regulations
  • Coordinate periodic user access reviews and assist with awareness initiatives
  • Work across departments to gather risk-related information and support secure business operations
What we offer
What we offer
  • Support for professional qualifications (such as CFA and CAIA)
  • Career growth and tools for ongoing learning and development
  • Medical insurance for you and your dependents
  • Provident fund
  • Yearly bonus dependent upon performance and company growth
  • Opportunity for international travel (i.e., short periods of secondment to other Albourne offices)
  • 5 additional service recognition holidays in surplus to standard annual leave
  • Albourne Training Days (minimum of 40 hours per year)
  • Free office parking
  • A supportive, diverse, and multi-cultural work environment
  • Fulltime
Read More
Arrow Right

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Security Analyst / Security Coordinator

Arthur Lawrence is looking for a Security Analyst / Security Coordinator one of ...
Location
Location
United States , Orlando, FL
Salary
Salary:
Not provided
arthurlawrence.net Logo
Arthur Lawrence
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of IT experience in systems analysis, application support, or database administration
  • Knowledge of information security concepts, risks, and access control
  • experience with identity/access management platforms a plus
  • Bachelor’s degree in computer science, Information Systems, or related field, or equivalent experience
Read More
Arrow Right

Technical Support Analyst III (EHR Security Analyst)

Location
Location
United States , Richmond
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of IT experience (5+ years preferred in relevant areas)
  • Strong understanding of EHR systems and security frameworks
  • Experience with: Active Directory (AD)
  • Single Sign-On (SSO)
  • Multi-Factor Authentication (MFA)
  • Identity and access management solutions
  • Knowledge of HIPAA, HITECH, and healthcare security regulations
  • Strong troubleshooting skills related to EHR security and access issues
  • Experience supporting applications in a fast-paced environment
  • Excellent communication and collaboration skills
Job Responsibility
Job Responsibility
  • Define, manage, and maintain EHR security roles, access controls, and user permissions
  • Map and maintain position definitions, including Millennium Position Preferences and OHPAC security groups
  • Provide Tier 1 support to EHR end users for access and security-related issues
  • Collaborate with IT, Security Officers, and compliance teams to develop and enforce security policies
  • Monitor user access and activity to ensure appropriate system usage
  • Conduct internal audits and identify potential risks or vulnerabilities
  • Assist in user provisioning and deprovisioning processes
  • Investigate and respond to security incidents, ensuring proper documentation and resolution
  • Support system upgrades, patches, and maintenance activities (Cerner/OHPAC)
  • Participate in audits (internal and external) and ensure compliance readiness
Read More
Arrow Right