Asana5 дней назад
Security Risk Manager
San Francisco
Обязанности
- 01Own Asana's internal security risk management program end-to-end
- 02Design and continuously mature a quantitative risk framework including risk scoring methodologies, likelihood and impact modeling, and risk appetite thresholds
- 03Build and maintain a living risk register, developing KRIs, tracking trends, and driving accountability for risk treatment
- 04Design and implement automated data pipelines and integrations that continuously surface security risks from various sources
- 05Develop executive-level dashboards that communicate security risk in business terms
- 06Act as the primary security risk partner to Legal, Privacy, Finance, and Engineering
- 07Influence security investment decisions and build a culture of risk awareness
Требования
- 017+ years of experience in information security with a strong focus on security risk management and GRC
- 02Demonstrated experience building or leading a security risk management program
- 03Hands-on experience with quantitative risk methodologies such as FAIR, risk scoring models, or statistical risk analysis
- 04Hands-on experience scripting or building automation to integrate security tooling, build data pipelines, or automate risk monitoring
- 05Deep knowledge of security frameworks including NIST CSF, NIST SP 800-30, ISO 27001, SOC 2, and FedRAMP
- 06Proven ability to develop risk metrics, KRIs, and executive-level reporting
- 07Strong understanding of cloud environments and SaaS architecture
- 08Excellent communicator who can translate technical risk findings for both engineering teams and C-suite stakeholders
- 09Demonstrates curiosity about AI tools and emerging technologies
Условия
- 01Role is based in the San Francisco office with an office-centric hybrid schedule
- 02Standard in-office days are Monday, Tuesday, and Thursday
- 03Option to work from home on Wednesdays
- 04Working from home on Fridays depends on the type of work and teams
- 05Estimated base salary range is between $194,000–$220,000
- 06Compensation package may include equity and benefits
- 07Benefits include mental health, wellness & fitness benefits, career coaching & support, inclusive family building benefits, long-term savings or retirement plans, in-office culinary options