Information Security - Senior Risk Analyst

Distributed, EMEA | Distributed, AMER

Full Time Senior-level / Expert
Elastic logo
Elastic
Apply now Apply later

Posted 1 month ago

We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Senior Risk Analyst to join our team in Information Security (InfoSec). The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how to best achieve critical information security objectives.

  • Are you passionate about helping an organization establish and maintain a risk-based approach to achieve strong security posture?
  • Do you want to be in a role that significantly supports the overall success of the team and company?

This could be your dream job, and we'd love to meet you!

What you will be doing:

  • Helping build Elastic’s quantified risk management program; we are taking a very non-traditional approach by using actual numbers and our own ELK stack. Ideally, you have a background in statistics, math, or another quantitative field with some level of technical acumen.
  • Conducting risk assessments to support a variety of different processes such as vendors, control non-conformance, and top risks, through an approach that is relevant and aligned with how we operate as an organization
  • Striving for continuous improvement - continuously learning and challenging ourselves every day

What you've done:

  • Background in statistics, math, or another quantitative field; Python scripting skills are highly preferred
  • Built a career of meaningful work experience across engineering and IT organizations
  • Led and owned initiatives that crossed teams or departments
  • Knowledge of risk assessments for a global organization; FAIR experience would be a bonus
  • Educated all levels of an organization in an approachable manner and tailored your message to fit your audience
  • Experience with our ELK stack would be a bonus
  • Experience with Github and version control would be a bonus
  • Relevant certifications such as CISSP or CRISC would be a bonus
Job tags: CISSP Compliance Incident response Python Risk management Strategy
Job region(s): Africa Europe Middle East North America South America Remote/Anywhere
Job stats:  37  2  0
  • Share this job via
  • or