Cloudflare Logo

Cloudflare

Senior Security Risk Management Specialist - Risk Remediation

Reposted 2 Days Ago
Be an Early Applicant
Hybrid
Bengaluru, Karnataka
Senior level
Hybrid
Bengaluru, Karnataka
Senior level
The Senior Security Risk Management Specialist manages security risks, supports governance processes, aligns risk remediation plans, and mentors team members.
The summary above was generated by AI
Available Locations: Bengaluru
About The Role
We are looking to hire an experienced Security Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for identifying and managing security risk across Cloudflare's production environment and critical business functions.
At Cloudflare, risk management lays the foundation for protecting Cloudflare and our customers. The Risk team identifies risk throughout the company and prioritizes mitigation efforts to drive Security team roadmaps. We do not believe in tick-box security, so for us risk management is a pathway to doing things right.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. We guarantee that you won't get bored.
What you'll do
  • Support the governance process for the security risk register. This includes:
    • Reviewing and advising on new risks and policy exceptions
    • Ensuring the risk register and dependencies are up to date (e.g. Control Framework)
    • Partnering with risk owners to align on risk remediation plans and timelines
    • Driving discussions around risk remediation that involve significant effort or cross-functional collaboration
    • Reviewing evidence submitted by the business to mitigate or close risks
    • Re-reviewing accepted risks and exceptions periodically
  • Supporting risk reviews with business and security leadership
  • Driving program maturity through process improvements and tooling & automation
  • Mentoring fellow team members on risk program initiatives
  • Some travel may be required to engage teammates and stakeholders in San Francisco, Austin, London, Lisbon, or other global Cloudflare locations.

Examples of desirable skills, knowledge and experience.
  • Senior level experience typically gained in 4-8 years working in Security Governance, Risk, and Compliance
  • Experience conducting risk & controls assessments and risk advisory
  • Experience with risk rating methodologies
  • Experience recommending mitigating controls and driving risk remediation
  • Experience reporting on risks and program metrics to leadership
  • Experience maturing or scaling risk program
  • Strong understanding of security control frameworks such as SOC 2, ISO 27001, PCI DSS, and NIST SP 800-53
  • Strong understanding of risk rating methodologies such as NIST SP 800-30 and ISO 31000
  • Solid understanding of on-prem & cloud architectures and security controls
  • Experience with data analytics and dashboarding tools such as Tableau, Looker Studio or Power BI is a plus
  • Strong analytical and interpersonal skills
  • Self-starter with the ability to work independently with a sense of curiosity

Top Skills

Cloudflare
Iso 27001
Iso 31000
Looker Studio
Nist Sp 800-30
Nist Sp 800-53
Pci Dss
Power BI
Soc 2
Tableau

Similar Jobs at Cloudflare

Yesterday
Hybrid
Bengaluru, Karnataka, IND
Expert/Leader
Expert/Leader
Cloud • Information Technology • Security • Software • Cybersecurity
Lead the Bangalore capability center, overseeing operations, technical teams, and government engagements to drive growth and innovation.
Top Skills: CybersecurityEngineeringProduct Development
2 Days Ago
Hybrid
Bengaluru, Karnataka, IND
Mid level
Mid level
Cloud • Information Technology • Security • Software • Cybersecurity
As a founding data engineer, you'll establish data architecture for user journey personalization, set up data lakes, and manage analytics systems for growth marketing.
Top Skills: AirflowAmplitudeApache IcebergClickhouseDbtHeapMySQLPostgresPosthogRestful ApisSQL
2 Days Ago
Hybrid
Bengaluru, Karnataka, IND
Senior level
Senior level
Cloud • Information Technology • Security • Software • Cybersecurity
The Principal Systems Engineer will design a next-gen Rust-based proxy, improve system performance and reliability, mentor engineers, and influence protocol evolution.
Top Skills: CHttp/2Http/3NginxQuicRust

What you need to know about the Pune Tech Scene

Once a far-out concept, AI is now a tangible force reshaping industries and economies worldwide. While its adoption will automate some roles, AI has created more jobs than it has displaced, with an expected 97 million new roles to be created in the coming years. This is especially true in cities like Pune, which is emerging as a hub for companies eager to leverage this technology to develop solutions that simplify and improve lives in sectors such as education, healthcare, finance, e-commerce and more.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account