SHOULD YOU ACCEPT THIS CHALLENGE...
The Governance, Risk and Compliance (GRC) team within Pure Storage's Global Information Security Office (GISO) is responsible for driving maturity in security processes through policies and standards, effective risk management practices and ensuring compliance with contractual and legal requirements.
We are looking for an experienced Sr. Security Risk Analyst to join our growing team. We are redefining the traditional approach to risk management and we want you to be an intrinsic part to the success of this effort.
The Sr. Security Risk Analyst will own the following day-to-day risk management duties.
Work with engineering teams to identify, evaluate and document security risks on product releases
Work with architecture and engineering teams to identify technical security risks in solution architecture and design.
Maintain the risk register and actively collaborate with risk owners on remediation plans to publish a risk heat map .
Perform risk assessments on new and existing third parties.
Responsible for creating and publishing relevant reports to show the risk posture of the business and product groups.
Act as an ambassador at Pure Storage to help drive a culture of security and risk awareness.
Continually seek opportunities to improve the risk management process through regular review, measurement and action.
WHAT YOU'LL NEED TO BRING TO THIS ROLE...
Must have 8+ years of proven Risk Management experience.
Expertise in risk assessment / determination required.
Expertise in generating meaningful reports to highlight risks required.
Expertise with risk identification in solution architecture and design.
Good understanding of Security standards (ISO 31000, NIST CSF) required.
Solid appreciation of common GRC tools preferred.
Experience of working at a Technology company preferred.
Agile experience preferred.
Self-starter with a proactive attitude.
Customer-focused, excellent communication skills and the ability to collaborate cross-functionally required.
Executive presence and excellent verbal and written communication skills
Bachelor's Degree in Computer Science, or equivalent is required.
Certifications such as CISA, CISM, CRISC or CISSP are a plus
Must be willing and able to work in an open office, team environment.
The annual base salary range is: $130,000.00 – $196,000.00
Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations.
This role may be eligible for incentive pay and/or equity.
And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events - check out purebenefits.com for more information.
There is no application deadline and we accept applications on an ongoing basis until the job is filled.
#LI-ONSITE