Key skills
CloudServiceNowSaaSRisk Management
About this role
Role Overview
- Safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology
- Collaborate with cross-functional teams and third-party vendors to request, collect, and analyze pertinent information and collateral
- Conduct technology risk assessments across new and existing applications
- Ensure comprehensive documentation is maintained for all approved and denied exceptions
- Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios and translate findings into measurable business risk statements
- Track risk plan milestones and drive issue management
- Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid Cyber Risks
- Perform security assessments of new and existing third-party vendors and service providers
- Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows
- Respond to customer, partner, or compliance questionnaires related to product security
- Gather evidence and documentation required for internal and external security audits
Requirements
- 5+ years of relevant experience in Information Security, IT Risk Management, IT Audit, or GRC, with a heavy focus on technology risk
- Deep working knowledge of key GRC concepts, risk assessment methodologies, and industry frameworks (e.g., NIST SP 800-53/CSF, ISO 27001)
- Proven, hands-on experience using and configuring modern GRC platforms for risk management, policy management, and compliance automation. Experience in configuring and using tools such as Archer, ServiceNow, MetricStream or Vanta preferred
- Experience with IT and Security tools, SaaS / other Cloud technologies and/or software development
- Certifications: CRISC, CISM, CISA, or similar recognized security and risk management certifications
- Bachelor’s degree in computer science, Information Security, or a related field
- Must be a US Citizen.
Tech Stack
- Cloud
- ServiceNow
Benefits
- Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies
- a DUNS 100 Top Startup to Work For
- multi-year Inc. Best Workplace awardee