GRC Security Risk Manager (Remote) at CrowdStrike, Inc. in Sunnyvale, California
Posted in Management 3 days ago.
Job Description:
CrowdStrike, Inc.Full time
R21515
About the Role:
CrowdStrike is seeking a highly experienced GRC Security Risk Manager to oversee and manage our cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs. This critical role will play a key part in ensuring the security and integrity of our organization.
Oversee and manage CrowdStrike's cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs
Identify, assess, measure, monitor, and report on information security risks
Track and remediate security issues and exceptions
Govern security policy, standards, and controls through CrowdStrike's Governance, Risk, and Compliance (GRC) program
Collaborate with Security teams, Engineering, and Internal Audit to ensure alignment and effective risk management
Lead organizational efforts in defining, establishing, managing, and enforcing cybersecurity policies, standards, and procedures
What You'll Do:
Team Leadership:
Lead a team of four people, ensuring their engagement, development, and performance in alignment with expectations.
Program Development and Management:
Develop and implement a comprehensive cybersecurity risk management program to identify, assess, and mitigate risks across the organization.
Build out the issues and exceptions management program to improve efficiency, effectiveness, user experience, and program scope.
Mature the policy governance program through content enhancement, stakeholder engagement, and enterprise awareness.
GRC Strategy and Alignment:
Help create and drive GRC strategy to increase business value and improve overall maturity of the GRC organization.
Align with cross-functional teams, including IT, business units, procurement, Legal, Product Security, and other stakeholders to ensure a comprehensive approach to security and compliance.
Continuous Improvement:
Proactively identify areas of improvement within Cyber GRC and lead efforts to address and remediate.
Perform other duties within the scope of GRC.
What You'll Need:
Education and Experience:
At least 10+ years of job-related experience in a related field, with a preferred BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, Cybersecurity, or other related field.
Technical Skills:
Proven experience in security risk management, including risk assessments, issue management, policy governance, and risk mitigation, with expertise in GRC tool implementation (ServiceNow).
Practical experience with policy and regulatory requirements such as SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, PCI-DSS and frameworks such as NIST Risk 800-34, NIST 800-53, etc.
Advanced technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.
Soft Skills:
Proven track record of successfully collaborating with cross-functional teams across multiple regions to achieve business objectives.
Ability to build rapport and maintain relationships across functions within the company, with external vendors, and with governmental teams.
Ability to think strategically about risks and tie those risks to tactical organizational activities.
Program and Project Management:
Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.
Bonus Points:
Experience with leading GRC products, such as ServiceNow, and/or cloud environments, including CrowdStrike products or services.
Practical experience in Software Development and Secure Coding best practices.
Ideal Candidate: We're looking for a seasoned security professional with expertise in risk management, cybersecurity principles, and effective communication.
Expert-level understanding of current processes and a proactive approach to improving CrowdStrike's risk posture and GRC program
Strong collaboration and communication skills, with the ability to work effectively across all levels of the organization
Relevant certifications (e.g. CISSP, CISM, CRISC) and experience in a similar role
What We Offer: The opportunity to work in a fast-paced, secure, and empowered environment in the tech industry, with a team of experienced security professionals.
#LI-Remote
#LI-RC1
CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work
PI258608138
More jobs in Sunnyvale, California
|
Walmart |
|
Walmart |
|
Walmart |
More jobs in Management
|
Medline Industries, Inc.
$125,000.00 per year
|
|
SBA Network Service Inc. DBA SBA Communications Corporation
$145,000.00 per year
|
|
Clarios, LLC
$115,000.00 per year
|