Cloudflare
Senior Security Risk Management Specialist - Risk Remediation
Job Posted 7 Days Ago
Be an Early Applicant
The Senior Security Risk Management Specialist manages security risks, supports governance processes, aligns risk remediation plans, and mentors team members.
Available Locations: Bengaluru
About The Role
We are looking to hire an experienced Security Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for identifying and managing security risk across Cloudflare's production environment and critical business functions.
At Cloudflare, risk management lays the foundation for protecting Cloudflare and our customers. The Risk team identifies risk throughout the company and prioritizes mitigation efforts to drive Security team roadmaps. We do not believe in tick-box security, so for us risk management is a pathway to doing things right.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. We guarantee that you won't get bored.
What you'll do
Examples of desirable skills, knowledge and experience.
About The Role
We are looking to hire an experienced Security Risk Management Specialist on our Governance, Risk, and Compliance team. This role will be responsible for identifying and managing security risk across Cloudflare's production environment and critical business functions.
At Cloudflare, risk management lays the foundation for protecting Cloudflare and our customers. The Risk team identifies risk throughout the company and prioritizes mitigation efforts to drive Security team roadmaps. We do not believe in tick-box security, so for us risk management is a pathway to doing things right.
This is an opportunity to join a rapidly scaling and world class security organization within a billion dollar business. We guarantee that you won't get bored.
What you'll do
- Support the governance process for the security risk register. This includes:
- Reviewing and advising on new risks and policy exceptions
- Ensuring the risk register and dependencies are up to date (e.g. Control Framework)
- Partnering with risk owners to align on risk remediation plans and timelines
- Driving discussions around risk remediation that involve significant effort or cross-functional collaboration
- Reviewing evidence submitted by the business to mitigate or close risks
- Re-reviewing accepted risks and exceptions periodically
- Supporting risk reviews with business and security leadership
- Driving program maturity through process improvements and tooling & automation
- Mentoring fellow team members on risk program initiatives
- Some travel may be required to engage teammates and stakeholders in San Francisco, Austin, London, Lisbon, or other global Cloudflare locations.
Examples of desirable skills, knowledge and experience.
- Senior level experience typically gained in 4-8 years working in Security Governance, Risk, and Compliance
- Experience conducting risk & controls assessments and risk advisory
- Experience with risk rating methodologies
- Experience recommending mitigating controls and driving risk remediation
- Experience reporting on risks and program metrics to leadership
- Experience maturing or scaling risk program
- Strong understanding of security control frameworks such as SOC 2, ISO 27001, PCI DSS, and NIST SP 800-53
- Strong understanding of risk rating methodologies such as NIST SP 800-30 and ISO 31000
- Solid understanding of on-prem & cloud architectures and security controls
- Experience with data analytics and dashboarding tools such as Tableau, Looker Studio or Power BI is a plus
- Strong analytical and interpersonal skills
- Self-starter with the ability to work independently with a sense of curiosity
Top Skills
Cloudflare
Iso 27001
Iso 31000
Looker Studio
Nist Sp 800-30
Nist Sp 800-53
Pci Dss
Power BI
Soc 2
Tableau
Similar Jobs at Cloudflare
Cloud • Information Technology • Security • Software • Cybersecurity
The Security Architect will design secure network architectures, focusing on public key infrastructure, secrets management, and automation while collaborating across teams to improve security protocols and compliance.
Top Skills:
AutomationCertificate ManagementCisCloud Security ArchitectureCrlCryptographyCsfFipsIso 27001/2Networking ProtocolsNistOcspPkiScriptingSecrets ManagementX.509
Cloud • Information Technology • Security • Software • Cybersecurity
Responsible for building operational infrastructure for the Business Development team, managing a group of BDR professionals, and driving sales strategy execution.
Top Skills:
Data ToolsSales Acceleration ToolsSalesforce
Cloud • Information Technology • Security • Software • Cybersecurity
As a Red Team Engineer, you will develop adversarial emulation programs, track industry trends, and drive innovative red team strategies to enhance Cloudflare's security posture.
Top Skills:
APIsCloud Systems(Ggp/Azure/Ad)Cloudflare ProductsMacos/LinuxServer/Networking HardwareWeb ApplicationsWindows
What you need to know about the Pune Tech Scene
Once a far-out concept, AI is now a tangible force reshaping industries and economies worldwide. While its adoption will automate some roles, AI has created more jobs than it has displaced, with an expected 97 million new roles to be created in the coming years. This is especially true in cities like Pune, which is emerging as a hub for companies eager to leverage this technology to develop solutions that simplify and improve lives in sectors such as education, healthcare, finance, e-commerce and more.