Senior Information Security Analyst

Boston, Ottawa, Remote

Snyk logo
Snyk
Apply now Apply later

Posted 2 weeks ago

We’re looking for an independent minded, detail oriented Senior Security Analyst with a broad base of technical and risk management experience to join our Information Security & Risk team to drive transformational improvement in our service assurance and vendor risk management processes.

Snyk builds industry-leading DevSecOps and open source security tools.  The Information Security & Risk team has been newly created to centralise all corporate cyber and information security and risk management responsibilities within a single strategic function.  We aim to move the risk needle for the company and create a reputation in the community for building (and open sourcing) best-in-breed, data-driven frameworks and capabilities.  We are a new team within a high-growth, security focussed business so there is exceptional room for advancement in this role.

You know how to articulate our security posture externally and understand the importance of real third party risk management in a modern SaaS-heavy organisation. You’ll use that knowledge to have a material (and visible) impact on our growth whilst also making a meaningful impact on the safety of our operations.  You’ll execute on your responsibilities both for delivery and for operational improvements that fundamentally upgrade Snyk’s capabilities.

You’ll spend your time:

  • Operating as a sales-aligned security partner, facilitating sales and customer support engagements, including audits and questionnaires
  • helping to create collateral and white papers to enhance the public understanding of our security posture
  • contributing significantly to meaningful, data driven third party risk analysis and mapping this risk into wider business risk frameworks (we have a LOT of vendors)
  • acting as our North American timezone incident manager for major security incidents (training available)
  • owning a range of end-to-end process improvement to increase efficiency around service assurance, vendor risk analysis and incident management, improving efficiency, accountability and quality of service delivered to the business 
  • Additional technical project delivery according to your ability and appetite

You should apply if you:

  • have a broad base of technical cybersecurity and risk management experience
  • have exceptional written and verbal communications skills and be comfortable presenting in unfamiliar environments
  • are familiar with a range of SaaS tools and their associated risks and best practices
  • understand and fundamentally believe in the importance of using security to increase the value of the business
  • enjoy the speed of a fast-paced, highly engaged startup-to-scaleout environment, particularly in commercially-sensitive situations

We’d especially love to hear from you if you:

  • have experience as an incident manager, or are interested in adopting this as a new skill (training available)
  • have previously worked with quantitative risk management techniques (or are willing to read Hubbard and Seiersen’s ‘How to Measure Anything in Cybersecurity Risk’)

Interested?

Please apply below! We care deeply about the warm, inclusive environment we’ve created and we value diversity - we welcome applications from those typically underrepresented in tech. If you like the sound of this role, but are not totally sure whether you’re the right person, do apply anyway :)

About Snyk

Snyk’s mission is to help developers use open source code and stay secure. 

The use of open source is booming, but security is a key concern. Snyk’s unique product enables developers and enterprise security teams to continuously find & fix vulnerable dependencies without slowing down, offering seamless integration into Dev, DevOps and DevSecOps workflows. We care deeply about the quality and usefulness of the tools we develop, always focusing on our customers and users. 

We are distributed across four offices in London, Tel Aviv, Boston and Ottawa, with our engineering teams based mostly in London and Tel Aviv, and 10% of the company working fully-remote. We’ve made an organizational commitment to building a strong, effective, distributed company: we have teams across multiple offices, and we invest in communication so that we can benefit from each others’ perspectives. Not to mention that we have an always-on webcam so we can see what’s happening in each office, we make heavy use of video calls, Slack, and some inter-office travel.

At Snyk, we are experiencing rapid growth and we want you to join us! By the end of Q4 2019 alone, Snyk had already over 110,000 registered users, including multiple enterprise customers (such as Google, Salesforce, Mastercard, BBC, and others). We also raised an additional $150 million, announced January 21, 2020. With this investment, we have partnered with Stripe, along with Coatue, Tiger Global, BoldStart, Trend Forward, Amity and Salesforce Ventures, to build on our 2019 momentum and continue to fuel our developer-first approach to security. 

We believe open source software is a force for good, and we’re building Snyk to make it easier for developers who aren’t security experts to stay secure.

#LI-TO1

Job tags: Audits DevOps Google Open Source SaaS