Key skills
SaaSLeadershipRisk ManagementCommunicationRemote Work
About this role
Role Overview
- Lead the continued evolution of LastPass's risk management framework to ensure it remains repeatable, scalable, and consistently applied
- Design and scale the BISO-aligned advisory model, defining engagement patterns, communication flows, and partnership rhythms that embed GRC in business decisions
- Provide just-in-time risk advisory for product development, engineering changes, supplier decisions, architecture reviews, and other high-impact initiatives, ensuring risks and tradeoffs are clearly understood
- Build strong cross-functional partnerships, serving as a trusted advisor who translates complex technical and business risks into actionable, business-aligned recommendations
- Coach GRC Analysts to adopt advisory behaviors, apply the risk framework consistently, and deliver high-quality just-in-time support across their aligned business areas
- Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows
- Lead technical and executive-level risk discussions through Risk Governance Committees, driving clarity, alignment to risk appetites, and accountable decisions
- Produce clear, executive-ready risk narratives, reports, and dashboards that support leadership understanding, prioritization, and decision-making
Requirements
- Proven experience in security, risk management, or GRC, with a strong record of delivering advisory support to technical and business teams
- Deep expertise in risk analysis, including quantification, frameworks, and risk-informed decision-making, with experience building or evolving risk programs
- Demonstrated ability to lead technical and executive-level discussions, facilitate risk governance committees, and drive stakeholder alignment
- Strong track record of building cross-functional partnerships, influencing decisions, and communicating complex risk topics in clear, actionable terms
- Experience providing just-in-time security or risk guidance in fast-paced product, engineering, or SaaS environments
- Strong facilitation, communication, and storytelling skills, with the ability to create concise, executive-ready summaries and risk narratives
- Ability to coach and mentor team members to strengthen advisory skills and ensure consistent application of risk processes
- Growth-oriented mindset, willing to challenge the status quo and introduce scalable, modern practices
- Certifications such as CISSP, CISM, CRISC, CISA, Security+, or related certifications in information security or audit (great, but not required)
- Experience working with global teams (great, but not required)
Benefits
- Competitive compensation
- Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
- Parental leave
- Comprehensive health coverage, including dependents
- Home office setup support
- LastPass Families free account for up to 5 members
- Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
- Peer-to-peer recognition through Motivosity
- Employee Assistance Program for well-being support
- Remote work stipend to support your home office needs
- Short-Term or Remote-Centric Work Arrangements for added flexibility