Sr Cyber Risk Business Partner
Job Description:
Sr. Cyber Risk Business Partner
The Opportunity
We are seeking an experienced security professional to join our Information Security team and be an integral part of developing our Information Security program. Reporting to the Sr. Director of IT GRC, Identity & Asset Management, this person will work closely with many parts of the business, including Engineering, Legal, IT, Support, People and Places, and Finance. Their main focus will be on assessing and communicating business risk and threats. As a Cyber Risk Business Partner, you will also be involved in creating risk, business resilience and security strategy early in the design phase, building up and strengthening the Risk team, evangelizing cyber risk and security across teams, and be the business unit point of contact for security risk initiatives.
Who you are:
- You enjoy building processes from the ground up to streamline initiatives and other programs
- You are an inquisitive, curious, critical thinker who is always looking for innovative ways to solve cyber security problems
- Persistent Problem-Solver- You know what it takes to protect the business and as the business changes, you find ways to handle information security in a practical way
- You are an effective communicator within the information security community and within the business
- You use data, compassion and good judgment to approach business problems
- You enjoy researching, implementing, and instructing security and risk best practices
- You are organized, can be flexible, leverage standard processes, and most importantly, build solutions for any problem with a can-do demeanor.
What you'll own:
- Conducting, tracking, and following up on vendor risk assessments
- Conducting company-wide risk assessments
- Building and refining a risk treatment program
- Building and refining a business resilience program
- Maintaining the company information security risk registry
- Assisting with risk treatment plans associated with identified risks
- Assisting with the development of assessment programs and questionnaires to aid in the identification and mitigation of third party supplier security risks
- Projecting and quantifying potential impact of risk and communicate them in a manner that can be understood at both a technical and executive level
- Assisting with the communication and enforcement of security design, policies, procedures, solutions, and standard processes
- Conduct security research to stay on top of the latest security issues
Experience you'll need:
- Bachelors of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training.
- 5+ years working in Risk, SaaS business, or technology industry.
- Familiarity with security and privacy standards and regulations (E.g. GDPR, SOC 2, PCI, ISO 27001/2)
- Must have one of the following certifications CRISC, CISA, CISSP, CISM.
- Experience in information security risk assessment, business impact analysis, business resilience, auditing processes with a focus on SaaS and/or technical business.
- Excellent organization skills, excellent social skills, problem solving and innovative thinking, attention to detail, ability to work well within a team and have an effective and positive demeanor.
- Ability to travel up to 10%, including internationally
Bring yourself. Pluralsight is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, age or protected veteran status. Pluralsight will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please visit the bottom of our website to learn how to request an accommodation.
For more information on Pluralsight's commitment to building a more diverse and inclusive workforce, please review our most recent Diversity, Equity, Inclusion and Belonging report here.
#LI-SW1