InfoSec - Risk Management Analyst
Posted 1 month ago
Elastic is a search company with a simple goal: to solve the world's data problems with products that delight and inspire. As the creators of the Elastic Stack, we help thousands of organizations including Cisco, eBay, Grab, Goldman Sachs, ING, Microsoft, NASA, The New York Times, Wikipedia, and many more use Elastic to power mission-critical systems. From stock quotes to Twitter streams, Apache logs to WordPress blogs, our products are extending what's possible with data, delivering on the promise that good things come from connecting the dots. We have a distributed team of Elasticians across 30+ countries (and counting), and our diverse open source community spans over 100 countries. Learn more at elastic.co
We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Senior Risk Analyst to join our team in Information Security (InfoSec). The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how to best achieve critical information security objectives.
- Are you passionate about helping an organization establish and maintain a risk-based approach to achieve strong security posture?
- Do you want to be in a role that significantly supports the overall success of the team and company?
This could be your dream job, and we'd love to meet you!
What you will be doing:
- Helping build Elastic’s quantified risk management program
- Conducting risk assessments to support a variety of different processes such as vendors, control non-conformance, and top risks, through an approach that is relevant and aligned with how we operate as an organization
- Striving for continuous improvement - continuously learning and challenging ourselves every day
What you've done:
- Defined and led different types of risk assessments for a global organization; FAIR experience preferred
- Developed meaningful organizational risk appetite approach and measurement
- Educated all levels of an organization about risk management in an approachable manner and helped define specific, actionable risk management plans
#Additional Information - We Take Care of Our People
As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.
We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.
- Competitive pay based on the work you do here and not your previous salary
- Health coverage for you and your family in many locations
- Ability to craft your calendar with flexible locations and schedules for many roles
- Generous number of vacation days each year
- Double your charitable giving — we match up to 1% of your salary
- Up to 40 hours each year to use toward volunteer projects you love
- Embracing parenthood with minimum of 16 weeks of parental leave
Elastic is an Equal Employment employer committed to the principles of equal employment opportunity and affirmative action for all applicants and employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. Elastic also makes reasonable accommodations for disabled employees consistent with applicable law.