Lead Security Risk Analyst

1 week ago


San Francisco, California, United States | Postman, Inc. | Full time
Senior Security Risk Analyst

Postman, Inc. stands as a premier collaboration platform dedicated to API development. Our innovative features simplify the API building process and enhance teamwork, enabling the creation of superior APIs more efficiently. With over 30 million developers and 500,000 organizations utilizing Postman globally, we are on a mission to connect 100 million developers and assist companies in thriving within an API-centric landscape.

The Senior Security Risk Analyst will be an integral member of the Security Assurance team, concentrating on strengthening the organization's cybersecurity risk management initiatives. The ideal candidate will have a robust background in cybersecurity and risk management, with practical experience in frameworks such as NIST RMF, FAIR, and ISO. This position is essential for identifying, evaluating, and addressing potential risks to our information systems and assets. The Senior Cybersecurity Risk Analyst will work closely with various departments to maintain the security and integrity of our data and systems. A combination of technical expertise and strategic insight is essential, along with the ability to communicate effectively with stakeholders and guide team members in line with the vision of senior management.

Key Responsibilities:

1. Perform thorough risk assessments to uncover information security risks, potential threats, and vulnerabilities arising from business operations.

2. Formulate and execute risk management strategies and frameworks to alleviate identified risks.

3. Continuously assess and monitor the effectiveness of risk mitigation efforts.

4. Collaborate with IT, legal, compliance, and other departments to ensure cohesive risk management practices.

5. Present risk findings, mitigation strategies, and security requirements to stakeholders, including senior management.

6. Create and deliver comprehensive reports on risk assessments, detailing identified threats, vulnerabilities, and the success of implemented mitigation strategies, ensuring clarity for both technical and non-technical stakeholders.

7. Regularly review and update policy and procedural documentation to align with current industry best practices and compliance standards, ensuring the Security Assurance team's activities are in sync with organizational objectives.

8. Actively engage with IT Procurement and Legal in the design, management, and enhancement of Third-Party Risk Management and vendor oversight.

9. Contribute to significant compliance initiatives to integrate and uphold standards such as ISO 27001/27701, HIPAA, NIST, FedRAMP, GDPR, CCPA, and SOC 2, ensuring alignment with regulatory and contractual obligations.

10. Promote collaboration with business leaders and technical teams to identify, assess, and manage security risks and controls, recommending strategies for mitigation and enhancement to support organizational growth.

11. Serve as a mentor and primary point of escalation within the team, providing expert guidance, resolving complex issues, and fostering a culture of security awareness and risk management throughout the organization.

12. Utilize extensive technical knowledge and communication skills to effectively engage with engineers and technologists, offering clear guidance and recommendations on security and compliance best practices.

13. Exhibit a process-oriented, results-driven approach to compliance engineering, employing effective problem-solving and communication skills to serve as a subject matter expert and trusted advisor within Postman.

Qualifications:

1. A minimum of ten years of experience in cybersecurity governance, risk management, and compliance, focusing on risk assessments and management.

2. Relevant certifications such as CRISC, CISSP, CISM, or CISA are advantageous.

3. Familiarity with risk management frameworks, including NIST RMF, FAIR, and ISO.

4. Experience with GRC programs, including ISO 27001, HIPAA, and FedRAMP, preferably in a Cloud/SaaS context.

5. Technical proficiency in management information systems, audits, and internal controls.

6. Self-motivated and organized, with a proven ability to meet deadlines.

7. Excellent interpersonal skills and the ability to cultivate relationships across departments and cultures.

Company Values

At Postman, we embrace the same curiosity that drives our users. We prioritize transparency and honest communication regarding both successes and setbacks. Our work is goal-oriented, contributing to a larger vision. Our inclusive culture ensures that every individual is recognized as a vital component of our final product. We are committed to delivering the highest quality products possible.

Additional Information

If the position is located in the greater San Francisco area, we offer a competitive base salary range of $153,272 to $207,368, along with an attractive equity package. Actual compensation will be determined based on the candidate's skills, qualifications, and experience. In addition to our performance-based pay philosophy, we provide a comprehensive benefits package, including full medical coverage, flexible PTO, wellness reimbursement, and a monthly lunch stipend. Salaries may vary outside of the specified metropolitan areas and the U.S.

Postman is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes or CVs through this website or directly to managers. Postman does not accept unsolicited resumes from third-party agencies or companies without a signed agreement.


