The Senior Security Risk Management Specialist manages security risks, supports governance processes, aligns risk remediation plans, and mentors team members.
Available Locations: Bengaluru
About The Role
We are looking to hire an experienced Security Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for identifying and managing security risk across Cloudflare's production environment and critical business functions.
At Cloudflare, risk management lays the foundation for protecting Cloudflare and our customers. The Risk team identifies risk throughout the company and prioritizes mitigation efforts to drive Security team roadmaps. We do not believe in tick-box security, so for us risk management is a pathway to doing things right.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. We guarantee that you won't get bored.
What you'll do
Examples of desirable skills, knowledge and experience.
About The Role
We are looking to hire an experienced Security Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for identifying and managing security risk across Cloudflare's production environment and critical business functions.
At Cloudflare, risk management lays the foundation for protecting Cloudflare and our customers. The Risk team identifies risk throughout the company and prioritizes mitigation efforts to drive Security team roadmaps. We do not believe in tick-box security, so for us risk management is a pathway to doing things right.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. We guarantee that you won't get bored.
What you'll do
- Support the governance process for the security risk register. This includes:
- Reviewing and advising on new risks and policy exceptions
- Ensuring the risk register and dependencies are up to date (e.g. Control Framework)
- Partnering with risk owners to align on risk remediation plans and timelines
- Driving discussions around risk remediation that involve significant effort or cross-functional collaboration
- Reviewing evidence submitted by the business to mitigate or close risks
- Re-reviewing accepted risks and exceptions periodically
- Supporting risk reviews with business and security leadership
- Driving program maturity through process improvements and tooling & automation
- Mentoring fellow team members on risk program initiatives
- Some travel may be required to engage teammates and stakeholders in San Francisco, Austin, London, Lisbon, or other global Cloudflare locations.
Examples of desirable skills, knowledge and experience.
- Senior level experience typically gained in 4-8 years working in Security Governance, Risk, and Compliance
- Experience conducting risk & controls assessments and risk advisory
- Experience with risk rating methodologies
- Experience recommending mitigating controls and driving risk remediation
- Experience reporting on risks and program metrics to leadership
- Experience maturing or scaling risk program
- Strong understanding of security control frameworks such as SOC 2, ISO 27001, PCI DSS, and NIST SP 800-53
- Strong understanding of risk rating methodologies such as NIST SP 800-30 and ISO 31000
- Solid understanding of on-prem & cloud architectures and security controls
- Experience with data analytics and dashboarding tools such as Tableau, Looker Studio or Power BI is a plus
- Strong analytical and interpersonal skills
- Self-starter with the ability to work independently with a sense of curiosity
Top Skills
Cloudflare
Iso 27001
Iso 31000
Looker Studio
Nist Sp 800-30
Nist Sp 800-53
Pci Dss
Power BI
Soc 2
Tableau
Similar Jobs at Cloudflare
Cloud • Information Technology • Security • Software • Cybersecurity
Lead the Bangalore capability center, overseeing operations, technical teams, and government engagements to drive growth and innovation.
Top Skills:
CybersecurityEngineeringProduct Development
Cloud • Information Technology • Security • Software • Cybersecurity
As a founding data engineer, you'll establish data architecture for user journey personalization, set up data lakes, and manage analytics systems for growth marketing.
Top Skills:
AirflowAmplitudeApache IcebergClickhouseDbtHeapMySQLPostgresPosthogRestful ApisSQL
Cloud • Information Technology • Security • Software • Cybersecurity
The Principal Systems Engineer will design a next-gen Rust-based proxy, improve system performance and reliability, mentor engineers, and influence protocol evolution.
Top Skills:
CHttp/2Http/3NginxQuicRust
What you need to know about the Pune Tech Scene
Once a far-out concept, AI is now a tangible force reshaping industries and economies worldwide. While its adoption will automate some roles, AI has created more jobs than it has displaced, with an expected 97 million new roles to be created in the coming years. This is especially true in cities like Pune, which is emerging as a hub for companies eager to leverage this technology to develop solutions that simplify and improve lives in sectors such as education, healthcare, finance, e-commerce and more.