SHOULD YOU ACCEPT THIS CHALLENGE...
The Governance, Risk and Compliance (GRC) team within Pure Storage’s Security Organization (PSO) is responsible for driving maturity in security processes through policies and standards, effective risk management practices and ensuring compliance with contractual and legal requirements.
We are looking for an experienced Sr. Security Risk Analyst to join our growing team. We are redefining the traditional approach to risk management and we want you to be an intrinsic part to the success of this effort.
The Sr. Security Risk Analyst will own the following day-to-day risk management duties.
- Work with engineering teams to identify, evaluate and document security risks on product releases
- Work with architecture and engineering teams to identify technical security risks in solution architecture and design.
- Maintain the risk register and actively collaborate with risk owners on remediation plans to publish a risk heat map .
- Perform risk assessments on new and existing third parties.
- Responsible for creating and publishing relevant reports to show the risk posture of the business and product groups.
- Act as an ambassador at Pure Storage to help drive a culture of security and risk awareness.
- Continually seek opportunities to improve the risk management process through regular review, measurement and action.
WHAT YOU’LL NEED TO BRING TO THIS ROLE...
- Must have 8+ years of proven Risk Management experience.
- Expertise in risk assessment / determination required.
- Expertise in generating meaningful reports to highlight risks required.
- Expertise with risk identification in solution architecture and design.
- Good understanding of Security standards (ISO 31000, NIST CSF) required.
- Solid appreciation of common GRC tools preferred.
- Experience of working at a Technology company preferred.
- Agile experience preferred.
- Self-starter with a proactive attitude.
- Customer-focused, excellent communication skills and the ability to collaborate cross-functionally required.
- Executive presence and excellent verbal and written communication skills
- Bachelor's Degree in Computer Science, or equivalent is required.
- Certifications such as CISA, CISM, CRISC or CISSP are a plus
- Must be willing and able to work in an open office, team environment.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided