Senior Security Risk Analyst - TPRM

Snowflake

Warsaw, Poland

#7628284002

Position summary

ired based on the use case. You will help identify and manage Third Party security risk to protect Snowflake assets.

AS THE SENIOR SECURITY RISK ANALYST - TPRM**, YOU WILL:**

  • Perform ongoing third party security risk assessments to help Snowflake identify and evaluate security risks

  • Support and monitor remediation efforts of identified gaps, perform remediation audit to validate the closure

  • Review and process incoming requests for security assessment of new products and services

  • Review all evidence provided to compare vendor security controls to Snowflake data protection requirements

  • Assess and manage security findings from various vendor security monitoring systems

  • Develop and improve security documentation

  • Work cross-functionally to ensure team objectives are achieved

  • Take risk-based approach to review security agreement

  • Measure effectiveness of the program and ensure SLA is met

OUR IDEAL SENIOR SECURITY RISK ANALYST - TPRM WILL HAVE:

  • 6+ years of experience in security compliance role with 3+ years previous experience in third party security risk

  • Understanding of a broad set of security best practices (e.g., application security, secure software development lifecycles, risk management, data protection, encryption & key management, identity and access management, security operations, security governance, network security, etc.) and technologies

  • Flexibility to work during different time zones

  • Exceptional communication skills, including perfect written English

  • Familiarity with PCI-DSS, HIPAA, SOC1, SOC2, GDPR, and/or ISO standards and frameworks

  • Previous role that requires exceptional organizational skills. Ability to analyze, organize and prioritize multiple tasks and meet deadlines

  • Technical competence sufficient to understand and explain complicated security concepts to various Snowflake stakeholders possessing varying levels of cybersecurity skill and understanding

  • Self-motivated problem solver who is comfortable engaging with high paced and complex environment

  • Work independently as well as collaboratively within a team environment. Ability to translate ambiguous directives into relevant action items and deliverables

  • Ability to think strategically and plan effectively, with attention to details and a strong ownership ethic and intense focus on accuracy and accountability

  • Extremely high ethical standards as proven by successful background checks and references

  • Previous experience working with a variety of personalities from a variety of cultures

BONUS POINTS FOR EXPERIENCE WITH THE FOLLOWING:

  • Proficiency in use of JIRA, Confluence, and ServiceNow
  • Proven experience in reviewing and negotiating security agreements
  • Security certification, such as CISSP, CCSP, CISA, Security+
  • AWS, Azure, Google Cloud, or other major Cloud Provider experience