Similar Jobs at CrowdStrike
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About the Role:
CrowdStrike is seeking a Cyber GRC Senior Risk Analyst to join our Policy, Risk Management, and Control team where we assess, manage, and report on security risk, manage compliance issues, and ensure appropriate governance, awareness and remediation. This role will offer candidates an opportunity to work in a fast-paced, secure, and empowered environment in the tech industry, with a team of experienced security professionals.
The responsibilities of this role include:
Risk Management: Develop and maintain risk controls and mitigation strategies, create and update risk management documentation and policies, collaborate with stakeholders to evaluate and address security risks, and monitor and report on risk metrics and KPIs.
Risk Assessment: Conduct comprehensive risk assessments to evaluate, rate, and prioritize risks based on potential impact and likelihood of exploitation.
Issue and Exception Management: Triage, process, and resolve security issues and requests for exceptions, engaging with various stakeholders such as owners, subject matter experts, and compliance specialists.
Reporting and Analysis: Generate detailed reports and dashboards to identify risk exposure resulting from risk assessments, issues, and exceptions; and analyze data to identify root causes, risk, and trends.
Collaboration and Resolution: Collaborate with cross-functional teams to address and understand risk and resolve identified issues, lead investigations, and communicate technical risks and findings to non-technical stakeholders.
Process Optimization: Identify opportunities to streamline and optimize risk assessments, automate manual processes, and maintain comprehensive documentation.
What You'll Do:
Create risk assessment processes and functionality in our GRC tool.
Perform security risk assessments and reporting for senior leadership across the security risk register.
Work across security teams and the business driving common approaches to risk analysis and risk rating.
Work with stakeholders to resolve issues and exceptions in a timely manner.
Identify and mitigate high-priority risks, reducing risk exposure to the organization.
Identify opportunities to streamline and optimize risk and control assessments and issues and exceptions workflows, reducing manual effort and improving efficiency.
Communicate technical findings and resolutions to non-technical stakeholders effectively, resulting in high stakeholder satisfaction.
Proactively identify areas of improvement within Cyber GRC and lead efforts to address and remediate.
Develop and provide training and communications to stakeholders on risk and control processes
Perform other duties within the scope of GRC
What You'll Need:
Bachelor's Degree: A Bachelor's degree in Computer Science, Information Security, or a related field is required.
5-10 years of experience in a security-related role, with experience in issue and exception management, risk assessment, and compliance.
Strong technical knowledge and understanding of security concepts, including risk management and compliance.
Certifications: Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Experience in security risk management, including risk assessments, issue management, and risk mitigation.
Practical experience with requirements and controls from regulatory requirements such as SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, PCI-DSS and frameworks such as NIST Risk 800-34, NIST 800-53, etc.
Understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.
Soft Skills:
Proven track record of successfully collaborating with cross-functional teams to achieve business objectives.
Ability to build rapport and maintain relationships across functions within the company, with external vendors, and with governmental teams.
Ability to think strategically about risks and tie those risks to tactical organizational activities.
Leadership skills to lead issue analysis, security risk assessments, and collaborate with cross-functional teams.
Strong analytical and problem-solving skills to identify root causes, risk, and trends.
Excellent communication and collaboration skills to work with various stakeholders and communicate technical findings to non-technical stakeholders.
Program and Project Management:
Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.
Bonus Points:
Experience with leading GRC products, such as ServiceNow, and/or cloud environments, including CrowdStrike products or services.
Practical experience in Software Development and Secure Coding best practices.
#LI-Remote
#LI-RC1
Benefits of Working at CrowdStrike:
Remote-friendly and flexible work culture
Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work
CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $100,000 - $155,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.For detailed information about the U.S. benefits package, please click here.
Expected Close Date of Job Posting is:11-03-2025