Senior Security Risk Analyst at Pure Storage

What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse? 

The answer is data, -- all fast moving, fast growing industries rely on data for a competitive edge in their industries. And the most advanced companies are realizing the full data advantage by partnering with Pure Storage. Pure’s vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data. With 11,000+ customers including 58% of the Fortune 500, we’ve only scratched the surface of our ambitions. 

Pure is blazing trails and setting records:

• For ten straight years, Gartner has named Pure a leader in the Magic Quadrant 

• Our customer-first culture and unwavering commitment to innovation have earned us a certified Net Promoter Score in the top 1% of B2B companies globally

• Industry analysts and press applaud Pure’s leadership across these dimensions

• And, our 5,000+ employees are emboldened to make Pure a faster, stronger, smarter company as we go

If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.

SHOULD YOU ACCEPT THIS CHALLENGE...

The Governance, Risk and Compliance (GRC) team within Pure Storage’s Global Information Security Office (GISO) is responsible for driving maturity in security processes through policies and standards, effective risk management practices and ensuring compliance with contractual and legal requirements.

We are looking for an experienced Sr. Security Risk Analyst to join our growing team. We are redefining the traditional approach to risk management and we want you to be an intrinsic part to the success of this effort.

The Sr. Security Risk Analyst will own the following day-to-day risk management duties.

• Work with engineering teams to identify, evaluate and document security risks on product releases

• Work with architecture and engineering teams to identify technical security risks in solution architecture and design.

• Maintain the risk register and actively collaborate with risk owners on remediation plans to publish a risk heat map .

• Perform risk assessments on new and existing third parties.

• Responsible for creating and publishing relevant reports to show the risk posture of the business and product groups.

• Act as an ambassador at Pure Storage to help drive a culture of security and risk awareness.

• Continually seek opportunities to improve the risk management process through regular review, measurement and action.

WHAT YOU’LL NEED TO BRING TO THIS ROLE...

• Must have 8+ years of proven Risk Management experience.

• Expertise in risk assessment / determination required.

• Expertise in generating meaningful reports to highlight risks required.

• Expertise with risk identification in solution architecture and design.

• Good understanding of Security standards (ISO 31000, NIST CSF) required.

• Solid appreciation of common GRC tools preferred. 

• Experience of working at a Technology company preferred.

• Agile experience preferred.

• Self-starter with a proactive attitude.

• Customer-focused, excellent communication skills and the ability to collaborate cross-functionally required.

• Executive presence and excellent verbal and written communication skills

• Bachelors Degree in Computer Science, or equivalent is required.

• Certifications such as CISA, CISM, CRISC or CISSP are a plus

• Must be willing and able to work in an open office, team environment.