Lead Security Risk Analyst
1 week ago
Postman is recognized as the premier collaboration platform for API development, empowering developers and organizations to innovate in an API-first environment. With over 30 million developers and 500,000 organizations utilizing our platform, we are committed to enhancing our mission of connecting 100 million developers globally.
The Senior Security Risk Analyst will be an integral member of the Security Assurance team, concentrating on strengthening the organization's cybersecurity risk management initiatives. The ideal candidate will have a robust background in cybersecurity and risk management, with practical experience in frameworks such as NIST RMF, FAIR, and ISO. This position is essential for identifying, assessing, and mitigating potential risks to our information systems and assets.
Key Responsibilities:- Perform thorough risk assessments to pinpoint information security vulnerabilities and potential threats arising from business activities.
- Design and execute risk management strategies and frameworks to address identified risks.
- Continuously assess and monitor the effectiveness of risk mitigation strategies.
- Work collaboratively with IT, legal, compliance, and other departments to ensure integrated risk management practices.
- Communicate findings, mitigation strategies, and security requirements to stakeholders, including senior management.
- Prepare and present comprehensive reports on risk assessments, detailing identified threats, vulnerabilities, and the effectiveness of mitigation measures, ensuring clarity for both technical and non-technical audiences.
- Regularly update Postman's policy and procedural documentation to align with current industry best practices and compliance standards.
- Engage actively with IT Procurement and Legal in the development and management of Third-Party Risk Management and vendor oversight.
- Contribute to significant compliance initiatives to uphold standards such as ISO 27001/27701, HIPAA, NIST, FedRAMP, GDPR, CCPA, and SOC 2.
- Collaborate with business leaders and technical teams to identify, evaluate, and manage security risks and controls, recommending strategies for enhancement.
- Act as a mentor and key resource within the team, providing expert guidance and fostering a culture of security awareness and risk management.
- Utilize extensive technical knowledge and communication skills to interact effectively with engineers and technologists, offering clear guidance on security and compliance best practices.
- Adopt a process-oriented, results-driven approach to compliance engineering, serving as a subject matter expert and trusted advisor.
- A minimum of ten years of experience in cybersecurity governance, risk management, and compliance, focusing on risk assessments and management.
- Relevant certifications such as CRISC, CISSP, CISM, or CISA are advantageous.
- Familiarity with risk management frameworks, including NIST RMF, FAIR, and ISO.
- Experience with GRC programs, including ISO 27001, HIPAA, and FedRAMP, particularly in a Cloud/SaaS context.
- Strong technical knowledge related to management information systems, audits, and internal controls.
- Self-motivated and organized, with a proven ability to meet deadlines.
- Excellent interpersonal skills with the ability to build relationships across diverse departments and cultures.
At Postman, we cultivate curiosity akin to that of our users. We prioritize transparency and honest communication regarding both our successes and failures. Our work is goal-oriented, contributing to a larger vision, and our inclusive culture ensures that every team member is valued as a crucial part of our collective success.
Compensation and BenefitsFor roles based in the greater San Francisco area, we offer a competitive base salary range along with an equity package. Actual compensation will depend on the candidate's skills, qualifications, and experience. In addition to our performance-based pay philosophy, we provide a comprehensive benefits package, including full medical coverage, flexible PTO, wellness reimbursement, and a monthly lunch stipend.
Postman is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, protected veteran status, or disability status.
-
Lead Security Risk Analyst
2 weeks ago
San Francisco, California, United States Postman, Inc. Full timeSenior Security Risk AnalystPostman is recognized as the premier collaboration platform for API development, streamlining each phase of API creation and enhancing teamwork to foster superior APIs more efficiently. With over 30 million developers and 500,000 organizations utilizing Postman globally, we are dedicated to our mission of connecting 100 million...
-
Lead Security Risk Analyst
2 weeks ago
San Francisco, California, United States Postman, Inc. Full timeSenior Security Risk AnalystPostman is recognized as the premier collaboration platform for API development. Our innovative features simplify every phase of API creation and enhance teamwork, enabling the development of superior APIs more efficiently. With over 30 million developers and 500,000 organizations globally utilizing Postman, we are committed to...
-
Lead Security Risk Analyst
1 week ago
San Francisco, California, United States Postman, Inc. Full timeSenior Security Risk AnalystPostman, Inc. stands as a premier collaboration platform dedicated to API development. Our innovative features simplify the API building process and enhance teamwork, enabling the creation of superior APIs more efficiently. With over 30 million developers and 500,000 organizations utilizing Postman globally, we are on a mission to...
-
Lead Security Risk Analyst
2 weeks ago
San Francisco, California, United States Postman, Inc. Full timeSenior Security Risk AnalystPostman is recognized as the premier collaboration platform for API development, empowering developers and organizations to innovate efficiently. With over 30 million developers and 500,000 organizations utilizing our platform, we are on a mission to connect 100 million developers worldwide.The Senior Security Risk Analyst will be...
-
Lead Security Risk Analyst
2 weeks ago
San Francisco, California, United States Postman, Inc. Full timeSenior Security Risk AnalystPostman, Inc. stands as a premier collaboration platform for API development, empowering developers and organizations globally. With over 30 million developers and 500,000 organizations utilizing our platform, we are committed to enhancing our mission of connecting 100 million developers in an API-centric world.The Senior Security...
-
Lead Financial Risk Analyst
2 weeks ago
San Francisco, California, United States Western Alliance Bank Full timeJob Title: Lead Financial Risk Analyst - Technology Lending Location: CA - San Francisco, Spear Role Overview: The Lead Financial Risk Analyst in Technology Lending is tasked with analyzing, overseeing, and maintaining comprehensive financial data on existing and potential technology clients. This role supports the underwriting process for Relationship...
-
Senior Governance, Risk and Compliance Analyst
16 hours ago
San Francisco, California, United States Kandji Full timeAbout KandjiKandji is a leading provider of enterprise-grade Apple device management and security solutions. Our platform empowers organizations to centrally manage and secure their Apple devices, freeing up IT and InfoSec teams from manual, repetitive work.Our vision is to create a seamless and secure experience for Apple users, leveraging connected...
-
Lead Risk Management Analyst
2 weeks ago
San Francisco, California, United States Goeverbright Full timePosition OverviewThe Senior Risk Analyst will play a pivotal role in enhancing risk management and safeguarding revenue through various projects and processes. This role involves utilizing automation, advanced algorithms, analytics, and modeling techniques to monitor performance metrics and identify previously unrecognized conditions, ultimately driving...
-
Senior Risk Management Analyst
1 week ago
San Francisco, California, United States Direct Staffing Inc Full timeRole OverviewThe **Senior Vendor Risk Analyst** will be responsible for collaborating with various stakeholders to initiate, define, and strategize assessments of both new and existing vendor partnerships.Key Responsibilities- Conduct thorough assessments either on-site at vendor facilities or remotely through virtual meetings.- Evaluate completed...
-
IT Security Analyst
1 week ago
San Francisco, California, United States U.S. Court of Appeals, Ninth Circuit Full timeAbout the RoleThe IT Security Analyst (Assessments) plays a critical role in ensuring the security and integrity of the U.S. Court of Appeals, Ninth Circuit's information systems. This position is responsible for continuously identifying, tracking, sharing, and supporting operational IT security requirements across the Ninth Circuit.Key...
-
Senior Risk Management Analyst
2 weeks ago
San Francisco, California, United States Direct Staffing Inc Full timeRole OverviewThe **Senior Vendor Risk Analyst** will be responsible for collaborating with various stakeholders to initiate, define, and strategize assessments of controls related to both new and existing vendor partnerships.Key Responsibilities- Conduct thorough assessments either on-site at vendor facilities or remotely through virtual meetings.- Evaluate...
-
Senior Risk Management Analyst
1 week ago
San Francisco, California, United States Direct Staffing Inc Full timeRole OverviewThe **Senior Vendor Risk Analyst** will be responsible for collaborating with various stakeholders to initiate, define, and strategize control assessments for both new and existing vendor partnerships.Key ResponsibilitiesConduct thorough assessments either on-site at vendor locations or remotely through virtual meetings.Evaluate completed...
-
Senior Risk Management Analyst
2 weeks ago
San Francisco, California, United States Direct Staffing Inc Full timePosition OverviewThe Senior Vendor Risk Analyst will be responsible for collaborating with various stakeholders to initiate, define, and strategize assessments of controls related to both new and ongoing vendor partnerships.Key ResponsibilitiesConduct thorough assessments either on-site at vendor facilities or remotely through virtual meetings.Review...
-
Senior Risk Assessment Analyst
2 weeks ago
San Francisco, California, United States Direct Staffing Inc Full timePosition Overview:As a Senior Risk Assessment Analyst, you will be responsible for collaborating with various stakeholders to initiate, define, and strategize control evaluations for both new and existing vendor partnerships.Key Responsibilities:Conduct thorough assessments either on-site at vendor locations or remotely through virtual meetings.Review...
-
Senior Risk Analyst
2 weeks ago
San Francisco, California, United States Federal Reserve Bank Full timeCompany Federal Reserve Bank of San Francisco We are the San Francisco Fed, dedicated public servants with a mission to enhance the nation's monetary, financial, and payment systems to foster a robust economy for all Americans. Our commitment to community engagement drives us to understand and serve the diverse populations of the Twelfth District. We value...
-
Third-Party Risk Management Analyst
2 weeks ago
San Francisco, California, United States DoorDash USA Full timeAbout DoorDashAt DoorDash, we are committed to building a reliable logistics platform that serves consumers, merchants, and drivers around the clock. Our team is dedicated to ensuring that our global infrastructure remains secure and efficient.Position OverviewThe Governance, Risk, and Compliance (GRC) team is in search of a skilled Third-Party Risk Analyst....
-
Senior Credit Risk Analyst
2 weeks ago
San Francisco, California, United States Visa Full timeCompany OverviewVisa stands at the forefront of the payments and technology sector, facilitating over 259 billion secure transactions annually across more than 200 countries and territories. Our mission is to connect the globe through innovative, reliable, and secure payment solutions, empowering individuals, businesses, and economies to prosper. We are...
-
Credit Risk Analyst
6 days ago
San Francisco, California, United States Cardless Full timeAbout the RoleWe're seeking a highly skilled Risk Analyst to join our team at Cardless, a leading fintech company. As a Risk Analyst, you will play a critical role in developing and implementing our credit and underwriting policies, as well as our fraud defenses.Key ResponsibilitiesDevelop and manage credit policies for our partner brands and new business...
-
Third-Party Risk Management Analyst
2 weeks ago
San Francisco, California, United States DoorDash USA Full timeAbout DoorDashAt DoorDash, we are committed to creating the most reliable logistics platform for delivery services. Our team is dedicated to ensuring that our global infrastructure operates seamlessly, providing uninterrupted service to our diverse marketplace of consumers, merchants, and drivers.Position OverviewThe Governance, Risk, and Compliance (GRC)...
-
Security Officer
1 week ago
San Francisco, California, United States Inter-Con Security Systems, Inc. Full timeJob SummaryWe are seeking a highly skilled Security Officer to join our team at Inter-Con Security Systems, Inc. As a Security Officer, you will be responsible for providing security services to our clients, ensuring the safety and security of their facilities and assets.Key ResponsibilitiesConduct regular patrols of assigned facilities, including high-risk...
