Information Security Governance Risk and Compliance Analyst

Tysons Corner, VA


Strider is revolutionizing the way companies, universities, research institutions, and government agencies protect their innovation and compete in a new era of global strategic competition. Our trailblazing technology and intelligence solutions enable clients to proactively identify, manage, and respond to nation-state directed IP theft and supply chain vulnerabilities.

The purpose of Strider is to protect the ideals and innovations of the free world. If you’re ready to be part of an elite team tackling some of the most pressing security and technology challenges, let’s talk.

Why is Strider the best place to work?

Working at Strider offers a truly unique proposition for security professionals.

Security is embedded in our culture. Leadership and employees grasp the corporate threat profile and our value proposition, which means we spend our time executing our mission without having to sell it.

We are a part of the client community. Strider’s primary clients are security professionals, which means we are using our products internally and providing feedback for new features and capabilities. Our value proposition to the company goes beyond risk reduction and includes product development, marketing and sales.

Work smart with kind people. A flexible hybrid work schedule means you’ll get to know your colleagues and will enjoy building relationships. We work hard to hire people who reflect our values, and it shows at every level of the company.

Rock-solid financial execution. The leadership leverages a fiscally responsible multi-year plan. We are experiencing strong, consistent growth with a market reach completely unique for a company of this size and scale.

Insight into great powers competition. Working with our company intelligence analysts supporting our mission provides a unique opportunity to learn more about international affairs.

Position Description

As a key member of Strider’s Security Team reporting to the CISO, you will lead the governance, risk and compliance program, ensuring we comply with regulatory requirements and our internal policies. You will lead and continue the development of several key programs for security, including risk management, compliance, third-party assessments, policy maintenance and training. Our team leverages transparency, trust, and innovation to elevate Strider’s security program through partnership and excellence. The position offers flexibility and room to develop capabilities outside of the core responsibilities in other subject matter areas.

Who You Are

Strider seeks a detail-oriented security compliance professional with the desire and vision to lead researching, developing, and deploying GRC best practices across the company. You have an opinion about the best way to get things done, and the flexibility to adapt your vision to incorporate the perspective of your peers to enable mission success.

Your duties

  • Lead initiatives for governance, risk and compliance maximizing risk reduction for cloud environments, SaaS-based products and endpoints
  • Develop and maintain a compliance strategy that aligns with corporate goals, maintaining existing certifications and expanding our compliance to new standards
  • Lead internal audit reviews in preparation for meeting compliance standards as well as engagements with third party assessors ensuring certification
  • Lead risk management for products, corporate IT, vendors and partners
  • Identify and reduce risks in infrastructure, products and internal tools
  • Conduct vendor and partner security and intelligence risk reviews
  • Manage our security policy library, updating and adding policies as necessary
  • Support business development activity through fulfilling security questionnaires
  • Update and maintain a comprehensive training program for all employees covering security, privacy, and insider risk ensuring our training maintains pace with company growth while meeting our obligations to regulators and customers
  • Partner with engineering, product management, IT and others to enable achievement of GRC objectives

What you bring

  • 5+ years of experience supporting GRC programs for companies with SaaS solutions built in a major cloud provider such as AWS or Azure
  • Knowledge of relevant standards such as ISO 27000 family, NIST 800, and applicable laws related to regulatory compliance, information security, and privacy
  • Experience leading security projects and initiatives
  • Experience leading research and implementation of compliance standards
  • Experience leading compliance engagements securing third-party security certification
  • Experience conducting vendor risk management
  • Familiarity with maximizing the use of compliance automation software

Extra credit

  • Experience supporting a successful FedRAMP moderate certification
  • ISO 27001 certified as internal auditor
  • Knowledge of GDPR and CCPA
  • Experience supporting insider risk programs
  • Experience working in a startup or fast-paced environment
  • Knowledge of application security

Strider provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Strider complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Learn more about us by visiting https://www.striderintel.com/


Tags: Application security Automation AWS Azure CCPA CISO Cloud Compliance FedRAMP GDPR Governance ISO 27000 ISO 27001 NIST Privacy Risk management SaaS Strategy Vulnerabilities

Perks/benefits: Career development Flex hours Startup environment

Region: North America
Country: United States
