Head of IT Risk & Compliance
United States
Wiz, Inc.
Agentless cloud security and compliance for AWS, Azure, Google Cloud, and Kubernetes.
At Wiz, we move quickly. We’ve set the record for the fastest first year revenue growth of any tech startup, the fastest company to acquire more than 20% of the Fortune 500 as customers, and the fastest company to reach $1B (and then $6B) in valuation. Most importantly, we provide the fastest ROI of any security product – Wiz connects to the entire multi-cloud environment within 15 minutes and identifies the specific infiltration vectors that make clouds susceptible to a breach in under 24 hours so organizations of all sizes and industries can rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes. Join us as we help organizations create secure cloud environments that accelerate their businesses.
Wiz is seeking a Head of IT Risk & Compliance to join our technology leadership team. This person will report to the Chief Security Officer (CSO) and will be responsible for instilling best practice and rigor in our information security, governance, risk and compliance programs. The successful candidate will work at pace to identify risk and oversee mitigations across the internal IT landscape. As part of an integrated global team, they will recognize and respect the interplay between risk management and business growth. And they will ensure compliance with the exigencies of an exacting public and private sector client base to catalyze our mission at Wiz to make the cloud less cloudy.
Wiz is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.
What You’ll Do:
- Further develop and manage Wiz’s IT risk management program
- Scale and manage a team of IT security and compliance professionals to deliver internal assurance and drive company growth
- Working with the CISO, build relationships with stakeholders throughout the company to raise awareness of risk management while managing risk and enabling compliance in an integrated fashion
- Manage risk and asset management processes, Corrective Action Plans, and report overall IT risk management performance against agreed metrics to senior management
- Work closely with Wiz commercial and legal teams to facilitate risk assessment, risk management and compliance
- Manage the privacy management process, providing guidance on Data Processing Agreements with third parties, Data Privacy Policy updates, and data retention policies
- Develop and review Wiz threat models and manage changes to the business to counter exploitation
- Deliver and augment existing security awareness training to safeguard the business in line with strategic objectives
- Take ownership of on-going compliance programs, including meeting standards for government suppliers and diverse multinational corporate clients
- Play a central role in incident management, measuring the effectiveness of the incident management process and adapting policies and procedures accordingly
- Develop and maintain IT security policies and procedures to effectively address an evolving threat landscape
- Take responsibility for continuous monitoring and auditing of corporate systems for vulnerabilities and non-compliance
- Manage the third-party oversight program for the Wiz supplier and partnership ecosystem
What You’ll Bring:
- 10+ years’ experience in IT risk and compliance, including in leadership
- BA degree or higher in a related field, or equivalent experience working in IT risk and compliance at scale
- Proven experience implementing security technology improvement initiatives in areas such as ISO27001 accreditation
- Proven experience meeting and maintaining compliance standards within an information technology environment
- Experience working within an organization utilizing primarily SaaS and cloud-based tools, and with a remote workforce
- Experience working on risk / compliance in the cloud (including AWS, GCP and Microsoft Azure) and with leading SaaS providers
- Experience of sensitively delivering for a global team while respecting diverse cultures and ways of working
- Strong communication skills; good oral and written English
Tags: Audits AWS Azure Cloud Compliance GCP Governance ISO 27001 Kubernetes Monitoring Privacy Risk assessment Risk management SaaS Vulnerabilities
Perks/benefits: Startup environment
Region:
North America
Country:
United States