Jobs//Hybrid//Boston, MA//Cybersecurity + IT//

Manager, Security Governance

Rapid7
| Hybrid
Sorry, this job was removed at 2:51 p.m. (CST) on Monday, January 10, 2022
View 8064 Jobs
Find out who's hiring remotely in Boston, MA.
See all Remote Cybersecurity + IT jobs in Boston, MA
View 8064 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

As Rapid7 continues to grow and scale our products and customer base, the Trust and Security Governance team leads the efforts to continue to evolve and mature our internal security program, establish and maintain trust with our customers and the community, and collaborate across all of the relevant teams inside the company to build and nurture awareness of our security program, company policies and security risks.

The Manager, Information Security Risk Management is an integral part of our Enterprise Risk Management and Third Party Risk Management programs, leading Information Security Risk Management activities in support of these functions. The Manager, Information Security Risk Management provides leadership to develop and implement consistent information security risk management practices and works closely with stakeholders throughout the organization to drive continued awareness and improvement.

Responsibilities

  • Manage and enhance the information security risk management program, including participation in broader enterprise risk management and third party risk management activities

  • Manage and maintain the information security risk management strategy that guides and informs risk-based decisions, including how risk is defined, assessed, responded to, and monitored over time

  • Ensure information security risk management program and strategy keep pace with evolving global standards, guidelines and regulations

  • Build strong and contextual security governance procedures (charters, steering committees, and approval flows) in relation to the information security risk management and third party risk management functions

  • Enhance and manage the information security risk assessment process against our infrastructure, products and suppliers; establishing key metrics and partnering with stakeholders including IT and engineering teams to ensure appropriate plans are in place to mitigate identified risks and continuously improve the program

  • Identify opportunities for automation within the information security risk management and third party risk management functions and build/implement solutions

  • Provide oversight to ensure information security risk management activities are documented and consistently performed

  • Lead the implementation and ongoing improvement of security training and awareness initiatives that educate stakeholders throughout the company on their role in managing risk and partnering to improve the organizational risk posture

  • Work with PMO to ensure projects are properly scoped, tracked, communicated, and completed in an effective and efficient manner

  • Manage and develop a team of individual direct reports

Qualifications

  • Demonstrated experience with security audits, security control assessments, risk assessments, and/or compliance program management

  • Demonstrated experience creating and documenting risk methodologies, maintaining risk registers, performing risk assessments and driving risk mitigation projects

  • Demonstrated experience with third party risk assessment and management

  • Demonstrated experience with security standards/frameworks such as ISO 27001, SOC 2, PCI, FedRAMP, NIST CSF, etc.

  • Knowledge of applicable regulations such as SOX, GDPR, etc. to manage risk and ensure compliance

  • Experience managing, developing and growing security teams

  • Excellent communication skills, including the ability to communicate security and risk-related concepts to technical and nontechnical audiences

  • Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Effective negotiating, critical thinking and problem-solving skills, including the ability to optimize risk mitigation approaches across diverse business units

Rapid7 (Nasdaq: RPD) is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organization. For more information, visit our website, check out our blog, or follow us on LinkedIn

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • ExpressFrameworks
    • FlaskFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • CassandraDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • WordpressCMS
    • SalesforceCRM

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Flexible work schedule
Remote work program
Our remote work program includes full-time remote for specific positions, Work remotely on occasion as needed.
Diversity
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represent the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning, our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity manifesto
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance in training around unconscious bias.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave Benefits
Childcare benefits
Membership with Care.com for backup childcare services. Dependent care Flexible Spending Account to set aside pre-tax dollars for childcare expenses.
Generous parental leave
Family medical leave
Vacation & Time Off Benefits
Unlimited vacation policy
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Onsite gym
Professional Development Benefits
Job training & conferences
Lunch and learns
Promote from within
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
View full list of perks + benefits

More Jobs at Rapid7

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Rapid7Find similar jobs like this