Information Security - Senior Risk Analyst
Distributed, EMEA | Distributed, AMER
We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Senior Risk Analyst to join our team in Information Security (InfoSec). The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how to best achieve critical information security objectives.
- Are you passionate about helping an organization establish and maintain a risk-based approach to achieve strong security posture?
- Do you want to be in a role that significantly supports the overall success of the team and company?
This could be your dream job, and we'd love to meet you!
What you will be doing:
- Helping build Elastic’s quantified risk management program; we are taking a very non-traditional approach by using actual numbers and our own ELK stack. Ideally, you have a background in statistics, math, or another quantitative field with some level of technical acumen.
- Conducting risk assessments to support a variety of different processes such as vendors, control non-conformance, and top risks, through an approach that is relevant and aligned with how we operate as an organization
- Striving for continuous improvement - continuously learning and challenging ourselves every day
What you've done:
- Background in statistics, math, or another quantitative field; Python scripting skills are highly preferred
- Built a career of meaningful work experience across engineering and IT organizations
- Led and owned initiatives that crossed teams or departments
- Knowledge of risk assessments for a global organization; FAIR experience would be a bonus
- Educated all levels of an organization in an approachable manner and tailored your message to fit your audience
- Experience with our ELK stack would be a bonus
- Experience with Github and version control would be a bonus
- Relevant certifications such as CISSP or CRISC would be a bonus