The Security Risk Management Lead is a position within the Sprinklr Security Governance, Risk, and Compliance (GRC) team, working with the Director, GRC. Responsible for Security’s risk framework across the Sprinklr teams to identify, assess and mitigate any operational risk that arises from inadequate or failed processes, people, systems or external events while maintaining a balance between risk mitigation and innovation. The role will support GRC and the broader Security Team to deliver a consistent, outstanding service to its global customer base across Sprinklr products and interpersonal functions.
The primary purpose of the role is to lead oversight and monitoring of activities that have the potential to impact the corporate security risk profile. The Lead will drive the identification, measurement, monitoring and controlling of risks within scope to ensure that the risk exposure is within the established limits.
- Assisting the implementation and ongoing monitoring of Risk Management for Security!
- Encouraging a risk-aware culture across the organization in collaboration with the entire Security team.
- Conducting risk assessments, using standardized methodologies, against Information and business assets, and providing recommendations in accordance with corporate policies, standards and controls.
- Supporting leadership and other Security team members to ensure risks are accurately identified, detailed, assessed, monitored, controlled, and reported in a timely fashion.
- Continuously identify and assess risks to processes and assets through various technical and non-technical channels (i.e., security vulnerabilities, audits/assessments, and operational incidents).
- Leading, driving and embedding best practice and pragmatic risk/control management across the organization demonstrating an understanding of the control weaknesses, driving remedial action plans to improve the business, and moving towards the agreed risk position.
- Participate in Internal/External Audit as it relates to documenting or evidencing risk management practices. Assist the business to document, assess, and remediate any risks raised during audit examinations.
- Ensuring reliable data is produced and that measurement/modelling of risks are refined to facilitate more complete analysis/evaluation of risk scenarios.
As this is a global organization, this role may occasionally be asked to attend conference call meetings outside of normal respective office hours.
- 5+ years of performing risk-based analysis, as well as knowledge of information security controls, information assurance, and compliance management.
- A successful track record as a risk management specialist and good knowledge of the operational and regulatory complexities impacting the business from strategic, operational and change perspectives.
- A broad understanding of Information Security risk and controls.
- Basic understanding of ISO27000 and/or NIST Risk Management Frameworks.
- Experience with tracking risks within a GRC tool.
- Gravitas and the capability to provide constructive challenge to the business and ensure threats are assessed adequately and addressed appropriately.
- Strong analytical thinking and interpersonal skills including research and understand sophisticated processes and optimally communicate them to senior management.
- Demonstrated ability to perform process analysis and experience in crafting controls.
- Experience in leading/delivering risk assessments and scenario analysis.
- Good stakeholder and relationship leadership skills.
- Personal integrity, accountability, and the ability take ownership of specific tasks and activities.
- Self-starter who can deliver under pressure.
- Strong written and verbal communication skills with the ability to foster a collaborative working relationship with multiple areas and sophisticated business lines.
- Ability to manage multiple work streams concurrently and deliver timely!
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided