The ideal candidate will be a Risk or Operations veteran and leader with a demonstrable record of building technical and operational practices that operate a SaaS business environment and cloud infrastructure. We are looking for someone who understands running technology as a business and the technical strategies and programs that are key to meeting business requirements. Additionally, this candidate will possess great organizational and collaboration skills, a keen sense of process improvement, and a strong desire to collaboratively tackle multi-faceted issues and problems using technology and building coalitions around prioritizing initiatives!
Who you're committed to being:
- Enjoyment for building processes from the ground up to cross-collaborate initiatives and other programs
- Inquisitive, curious, critical thinker who is always looking for better ways to solve cyber security problems
- A persistent problem-solver; you know how to protect the business and as the business changes, you find ways to manage information security in a practical but secure way
- An effective communicator within the information security community and within the business
- Data driven, empathetic, and applying good judgement to approach business problems
- Research prone, implementing, and teaching security and risk standard methodologies
- Organized, flexible, use standard methodologies, and most importantly, build solutions for any problem with a can-do demeanor
What you'll own:
- Leading all aspects of, conducting, tracking, and following up on vendor risk assessments
- Conducting company-wide risk assessments
- Building, modeling, sculpting, and refining a risk treatment program
- Maintaining the company risk registry
- Assisting with risk treatment plans associated with identified risks
- Support with the development of assessment programs and questionnaires to aid in the identification and mitigation of third party supplier security risks
- Projecting and quantifying potential impact of risk and communicate them in a manner that can be understood at both a technical and executive level
- Conduct security research to stay on top of the latest security issues
- Responsible for the tracking, timeliness, and carried out completion of projects with junior team members
- Reviewing the work of junior team members and providing a point of reference for any issues or concerns
- Dashboard building to provide data-driven reporting and drive team efficiency
Experience you'll need:
- Bachelors of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training
- 7+ years working in Risk, SaaS business, or technology industry.
- Familiarity with security and privacy standards and regulations (E.g. GDPR, SOC 2, PCI, ISO 27001/2)
- Applicable industry certifications (e.g., CIPP/E, CRISC, CISA, CISSP, CISM etc.)
- Experience in information security risk assessment, business impact analysis, auditing processes with a focus on SaaS and/or technical business
- Experience with leading or overseeing projects to ensure timeframes are met
- Excellent organization skills, interpersonal skills, problem solving and innovative thinking, attention to detail, ability to work well within a team and have a conducive and positive demeanor
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Bring yourself. Pluralsight is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status.