GRC Security Risk Manager (Remote)

Posted 13 Hours Ago
Be an Early Applicant
Hiring Remotely in USA
Remote
Expert/Leader
Cloud • Information Technology • Sales • Security • Cybersecurity
Define your future at CrowdStrike.
The Role
The GRC Security Risk Manager at CrowdStrike is responsible for overseeing cybersecurity risk management programs, ensuring compliance with policies, collaborating with various teams, and enhancing the GRC strategy to improve organizational security. This role involves leading a team, implementing risk management frameworks, and continuous improvement of cybersecurity processes.
Summary Generated by Built In

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is seeking a highly experienced GRC Security Risk Manager to oversee and manage our cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs. This critical role will play a key part in ensuring the security and integrity of our organization.

  • Oversee and manage CrowdStrike's cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs

  • Identify, assess, measure, monitor, and report on information security risks

  • Track and remediate security issues and exceptions

  • Govern security policy, standards, and controls through CrowdStrike's Governance, Risk, and Compliance (GRC) program

  • Collaborate with Security teams, Engineering, and Internal Audit to ensure alignment and effective risk management

  • Lead organizational efforts in defining, establishing, managing, and enforcing cybersecurity policies, standards, and procedures

What You'll Do:

Team Leadership:

  • Lead a team of four people, ensuring their engagement, development, and performance in alignment with expectations.

Program Development and Management:

  • Develop and implement a comprehensive cybersecurity risk management program to identify, assess, and mitigate risks across the organization.

  • Build out the issues and exceptions management program to improve efficiency, effectiveness, user experience, and program scope.

  • Mature the policy governance program through content enhancement, stakeholder engagement, and enterprise awareness.

GRC Strategy and Alignment:

  • Help create and drive GRC strategy to increase business value and improve overall maturity of the GRC organization.

  • Align with cross-functional teams, including IT, business units, procurement, Legal, Product Security, and other stakeholders to ensure a comprehensive approach to security and compliance.

Continuous Improvement:

  • Proactively identify areas of improvement within Cyber GRC and lead efforts to address and remediate.

  • Perform other duties within the scope of GRC.

What You'll Need:

Education and Experience:

  • At least 10+ years of job-related experience in a related field, with a preferred BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, Cybersecurity, or other related field.

Technical Skills:

  • Proven experience in security risk management, including risk assessments, issue management, policy governance, and risk mitigation, with expertise in GRC tool implementation (ServiceNow).

  • Practical experience with policy and regulatory requirements such as SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, PCI-DSS and frameworks such as NIST Risk 800-34, NIST 800-53, etc.

  • Advanced technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.

Soft Skills:

  • Proven track record of successfully collaborating with cross-functional teams across multiple regions to achieve business objectives.

  • Ability to build rapport and maintain relationships across functions within the company, with external vendors, and with governmental teams.

  • Ability to think strategically about risks and tie those risks to tactical organizational activities.

Program and Project Management:

  • Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.

Bonus Points:

  • Experience with leading GRC products, such as ServiceNow, and/or cloud environments, including CrowdStrike products or services.

  • Practical experience in Software Development and Secure Coding best practices.

Ideal Candidate: We're looking for a seasoned security professional with expertise in risk management, cybersecurity principles, and effective communication.

  • Expert-level understanding of current processes and a proactive approach to improving CrowdStrike's risk posture and GRC program

  • Strong collaboration and communication skills, with the ability to work effectively across all levels of the organization

  • Relevant certifications (e.g. CISSP, CISM, CRISC) and experience in a similar role

What We Offer: The opportunity to work in a fast-paced, secure, and empowered environment in the tech industry, with a team of experienced security professionals.

#LI-Remote
#LI-RC1

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $0 - $0 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:02-24-2025

What the Team is Saying

Andrew C.
Lauren P.
Brian P.
Alexa Z.
Theo K.
Sara I.
Lam N.
Lauren B.
Adeeb C.
Kristan C.
Alena C.
Thaddeus M.
Alyssa J.
KT T.
The Company
HQ: Austin, TX
10,000 Employees
Hybrid Workplace
Year Founded: 2011

What We Do

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks.

The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team.

We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?

Why Work With Us

We have a culture that celebrates achievement, encourages flexibility and innovation and thrives on teamwork. We all work towards a single mission: to stop breaches. This common goal drives a sense of community and connection among our people across the globe.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

CrowdStrike Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
HQAustin, TX
Singapore
Osaka
Aarhus, DK
Arlington, VA
Barcelona, ES
Bengaluru, IN
Brussels, BE
Bucharest, RO
Cheltenham, GB
Copenhagen, DK
Dubai, Dubai
Irvine, CA
Kirkland, WA
Minneapolis, MN
Mumbai, IN
New Delhi, IN
Pune, IN
Reading, GB
Riyadh, SA
St Louis, MO
Sydney, Sydney
Tel Aviv-Yafo, IL
Tokyo, Japan
Learn more

Similar Jobs

CrowdStrike Logo CrowdStrike

TAC Malware Triage Intern - Summer 2025 (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
VA, USA
10000 Employees

CrowdStrike Logo CrowdStrike

Business Partner, MSSP Field Alliances Operations (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
USA
10000 Employees
150K-240K Annually

CrowdStrike Logo CrowdStrike

Sr. Active Defense Analyst - 2nd Shift (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
10 Locations
10000 Employees
95K-160K Annually

CrowdStrike Logo CrowdStrike

Windows Sustaining Software Engineer (SaO) - Sensor (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
6 Locations
10000 Employees
110K-180K Annually

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account