2,388 Security Risk jobs in the United States

Data Security Risk & Compliance Analyst

95762 El Dorado Hills, California M4A Foundation

Posted 13 days ago


Job Description

Min Qualifications required: Bachelors / Masters

Experience Required: (in no. of yrs) 1+

Experience: Experience in information security, governance, IT audit, or risk management

Minimum Volunteer hours required: (in hrs per week) 15-20

Role Summary: (Briefly explain the overview of the role in 1-2 sentences)

Responsible for building programs, policies and practices to ensure that the organization complies with industry and government regulatory compliance. Increase security awareness, assess compliance and where necessary, provide support in remediating non-compliant areas.

Essential Tasks:

Leverage risk assessment to develop & refine on-going processes and deliverables

Research and provide inputs on standards and regulations such as GDPR

Act as an advisor to associates and management on specific security requirements, implementations and the impact on business processes, applications and systems as needed

Assist in data protection program initiatives

Communicate identified security risks to appropriate parties to ensure a clear understanding of the risks as well as potential mitigations

Skills & Competencies:

Strong understanding of security governance, compliance, and risk management principles

Analytical ability to assess risks, adequacy of controls, and impact upon business processes

Ability to work and learn independently

Strong written and verbal communication skills with all levels of management

Ability to manage multiple tasks concurrently

Software tools & Program knowledge:

Knowledge of blockchain technology/cryptocurrency is a big plus

To help support you joining the right part of CrowdDoing for you, please use this form:

The only way CrowdDoing.world can realize its impact potential is through virtual volunteers, service learners and micro-leaders coming together.

See this brief video about Micro-leadership at CrowdDoing. Micro-leadership means that each person adopts a dimension of responsibility for a collective problem in our society through collaborating on that area creatively individually and together through social innovation.

You are also welcome to see more background on CrowdDoing at our YouTube channel, Instagram, Facebook, and LinkedIn.

You can see a CrowdDoing Volunteering FAQ here.

If you have any questions about processes for joining crowddoing as a volunteer please write to

Watch our video to learn more: Systemic change by CrowdDoing


Security Risk Manager

94199 San Francisco, California DocuSign

Posted 5 days ago


Job Description

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign's Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).

What you'll do

Docusign is looking for a Security Risk Manager to join our Security Governance, Risk & Compliance (GRC) team. In this hands-on role, you will lead modern, data-driven security risk assessments and play a pivotal role in advancing the maturity of our Security Risk Management program.

The ideal candidate combines technical expertise with business acumen, translating risk findings into actionable insights that influence engineering, security and business decisions. Success in this role requires strong analytical skills, the ability to influence cross-functional stakeholders, and the confidence to represent the Security Risk Management program with clarity, empathy and a resolution-driven mindset.

This position is an individual contributor role reporting to the Director, Security Product Risk Management.

Responsibility
  • Lead end-to-end risk assessments of applications, systems, and cloud environments, across all security domains
  • Identify, assess, monitor, and report on security risks across the enterprise
  • Analyze risk data to uncover recurring issues, trends, and root causes, and recommend changes to strengthen controls
  • Partner with Engineering, Security, and business functions to embed risk insights into planning, prioritization, and decision-making
  • Develop and maintain risk dashboards and metrics that provide leadership with actionable insights into risk exposure and trends
  • Support and enhance the security control framework, ensuring risks are effectively mapped to controls, and are relevant to the business
  • Provide recommendations on risk acceptance and mitigation that balances business objectives with security requirements
  • Leverage modern GRC platforms and automation (e.g., ServiceNow, OneTrust) to scale risk management processes
  • Stay ahead of emerging risks and industry trends to continuously improve risk practices
Job Designation

Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation)

Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law.

What you bring

Basic
  • Minimum of 5+ years of experience in security risk management or related areas
  • Bachelor's degree in Computer Science, Information Systems, Information Security, or a related field
  • Experience with cyber threats and vulnerabilities, with hands-on expertise in one or more security domains (e.g., vulnerability management, insider risk, incident response, identity and access management, application, infrastructure, cloud, product, platform, data and AI security)
  • Experience with risk management frameworks (RMF, ISO 27005, NIST 800-37, NIST 800-30)
  • Experience with risk quantification models (e.g., FAIR) or building custom risk scoring approaches
  • Experience with control frameworks (SSAE16, ISO 27001, NIST CSF/800-53, PCI DSS, SIG, CSA, HIPAA, FedRAMP)
  • Experience with GRC platforms and automation tools, preferably ServiceNow IRM
  • One or more certifications: CISSP, CRISC, CISM, CTPRP, CISA, CCSP, CIPT, CompTIA Security+, or AWS/Azure Security
Preferred
  • Strong analytical, problem solving, and communication skills
  • Knowledge of cloud environments (AWS, Azure, GCP) and SaaS platforms
  • Demonstrated ability to work independently with a strong sense of ownership, urgency, and drive
  • Strong business acumen with the ability to communicate risk to technical and non-technical stakeholders and recommend appropriate compensating controls
  • Experience working cross-functionally to evaluate security controls and business processes, translating findings into meaningful risk insights
  • Familiarity with data visualization tools (e.g., Tableau, Power BI) for building risk dashboards
Wage Transparency

Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience.

Based on applicable legislation, the below details pay ranges in the following locations:

California: $128,400.00 - $00,200.00 base salary

Illinois, Colorado, Massachusetts and Minnesota: 123,800.00 - 170,225.00 base salary

Washington, Maryland, New Jersey and New York (including NYC metro area): 123,800.00 - 176,625.00 base salary

This role is also eligible for the following:
  • Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.
Global benefits provide options for the following:
  • Paid Time Off: earned time off, as well as paid company holidays based on region
  • Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
  • Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
  • Retirement Plans: select retirement and pension programs with potential for employer contributions
  • Learning and Development: options for coaching, online courses and education reimbursements
  • Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events


Life at Docusign

Working here

Docusign is committed to building trust and making the world more agreeable for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what's right, every day. At Docusign, everything is equal.

We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you'll be loved by us, our customers, and the world in which we live.

Accommodation

Docusign is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need such an accommodation, or a religious accommodation, during the application process, please contact us at

If you experience any issues, concerns, or technical difficulties during the application process please get in touch with our Talent organization at for assistance.

States Not Eligible for Employment

This position is not eligible for employment in the following states: Alaska, Hawaii, Maine, Mississippi, North Dakota, South Dakota, Vermont, West Virginia and Wyoming.

Equal Opportunity Employer

It's important to us that we build a talented team that is as diverse as our customers and where all employees feel a deep sense of belonging and thrive. We encourage great talent who bring a range of perspectives to apply for our open positions. Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category.


Security & Risk Intern

66018 Westwood, Kansas Panasonic North America

Posted 5 days ago


Job Description

**Overview**
Panasonic Energy is seeking ambitious interns to join the world's largest lithium-ion battery initiative. With superior battery designs and the fastest manufacturing lines in the world, Panasonic Energy invites you to join us in this ongoing full-scale effort to electrify our society.
**Responsibilities**
**Summary:**
Join us at Panasonic Energy as we expand to De Soto, Kansas, where we're building the world's largest lithium-ion battery factory. This is an exciting opportunity to grow your career while contributing to the future of electric vehicles. As part of our team, you'll help push the limits of battery technology, enhancing performance and efficiency in sustainable transportation.
Our state-of-the-art facility, just outside the Kansas City Metro, will be a hub for innovation in green energy solutions. If you're passionate about sustainability and eager to contribute to the electric vehicle revolution, we invite you to be part of our dynamic team. Join us and make a meaningful impact on the future of energy and transportation.
**Job Summary:**
The Security & Risk Intern will contribute to building and maintaining a corporate security culture focused on protecting people, products, and ideas. This role provides exposure to technical, physical, and information security, as well as access control and business continuity practices in a large-scale manufacturing environment. Interns will work closely with security management and cross-functional teams to identify, assess, and mitigate risks while supporting operational goals. The program offers hands-on project experience and professional development in security operations, risk management, and corporate resilience strategies.
**Internship Details:**
+ 12-week Program: Monday, May 18th - Friday, August 7th (dates are subject to change)
+ The program will be a full-time paid summer internship working for Panasonic Energy Corporation of North America onsite in DeSoto, KS
+ Must be able to attend the entirety of the internship 
+ Local candidates preferred
**Essential Duties:**
**Monitoring & Risk Assessment:**
+ Utilize monitoring and reporting tools to identify issues of concern
+ Assess organizational risks and recommend mitigation strategies
+ Respond to security events under the guidance of security management
**Security Operations:**
+ Manage and monitor video surveillance, access control, and alarm systems
+ Support business continuity planning and security protocols
+ Coordinate with business functions to align security needs with production goals
**Project Management & Collaboration:**
+ Assist in planning and managing projects to reduce security risks
+ Develop project plans, tasks, and deliverables in collaboration with managers
+ Communicate expectations, monitor progress, and ensure follow-through on assignments
**Personal Protective Equipment (PPE) Requirements:**
+ To ensure health and safety in the workplace and for employee protection, wearing PPE is a possibility and includes equipment such as a full Tyvek suit, safety shoes, gloves, safety glasses, face mask, and a full hazmat suit that includes a respirator. A respirator fit test will be required based on functional area.
**_The foregoing description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job._**
**Qualifications: Required and/or Preferred**
**Education:**
+ **Required:** Completion of at least 2 years of full-time enrollment (minimum 12 credit hours per semester) at an accredited four-year college or university and pursuing a Bachelor's degree in Business, Criminal Justice, Physical Security, Business Continuity, Homeland Security, or a related field
**Essential Qualifications:**
+ GPA of 3.2 or higher
+ Must be currently enrolled as a full-time student at an accredited four-year college or university
+ Strong problem-solving, organizational, teamwork, and communication skills
+ Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook)
+ Ability to analyze and communicate technical information clearly
+ Must have working-level knowledge of the English language, including reading, writing, and speaking English
+ Alignment to Panasonic's seven (7) core principles (contribution to society, fairness and honesty, cooperation and team spirit, untiring effort for improvement, courtesy and humility, adaptability, gratitude)
**Preferred Qualifications:**
+ Hands-on experience through project teams, internships, or previous jobs
+ Interest in sustainability, renewable energy, or electric vehicles
**Physical Demands:**
**Physical Activities:** Percentage of time (equaling 100%) during the normal workday the employee is required to:
+ Sit: 40%
+ Walk: 30%
+ Stand: 20%
+ Lift: 10%
**Required Lifting and Carrying:** _Not required (0%), Occasional (1-33%), Frequent (34-66%), Continuous (67-100%)_
For this position, the required frequency is:
+ Up to 10 lbs.: Occasional
+ Up to 20 lbs.: Not Required
+ Up to 35 lbs.: Not Required
+ Team-lift only (over 35 lbs.): Not Required
**Who We Are:**
Meet Panasonic Energy! At Panasonic Energy, you'll do work that matters as we are dedicated to transforming the world through the acceleration of sustainable energy. By producing safe, high-quality lithium-ion batteries, you become part of a team that plays a crucial role in creating technologies that move us.
This is an exciting time to join us as we expand our operations to De Soto, Kansas and build the world's largest lithium-ion battery factory. We will provide you with the opportunity to experience career growth in more ways than one.
As an innovative thinker, you'll thrive here, as we continually push the boundaries of lithium-ion battery technology and production capabilities to enhance efficiency and performance in EVs.
Being part of Panasonic Energy means positively contributing to society, aligning with our commitment to building a better world through sustainable energy solutions.
We care about what you care about, fostering an environment where your contributions make a meaningful impact on the future of energy and transportation. Join us and be part of a team that values your work, encourages innovation, and actively contributes to a positive societal impact.
In addition to an environment that is as innovative as our products, we offer competitive salaries and benefits.
**We Take Opportunity Seriously:**
At Panasonic Energy, we are committed to a workplace that genuinely fosters inclusion and belonging. Fairness and Honesty have been part of our core values for more than 100 years and we are proud of our diverse culture as an equal opportunity employer.
We understand that your career search may look different than others and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience. If you are actively looking or starting to explore new opportunities, submit your application!
**Where You'll Be:**
For our onsite roles, Panasonic Energy is committed to fostering an ideal working environment that goes beyond the conventional. We understand the significance of moments that matter in your onsite experience, and we prioritize creating a workspace that not only promotes productivity but also ensures a fulfilling and positive work atmosphere. Join us at Panasonic Energy, where your onsite presence is valued, and we strive to make each moment count in your professional journey.
**Supplemental Information:**
Pre-employment drug testing is required.
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other characteristics protected by law. All qualified individuals are required to perform the essential functions of the job with or without reasonable accommodation.
Applicants must be authorized to work in the United States on a full-time basis at the time the internship begins and must not require sponsorship for employment visa status (e.g., H-1B, O-1, TN, L-1, or other employment-based visas) to participate in the program or for a fulltime role after graduation. This position is not eligible for employer-sponsored work authorization.
_Due to the high volume of responses, we will only be able to respond to candidates of interest._
**Thank you for your interest in Panasonic Energy Corporation of North America.**

Security & Risk Intern

89435 Luning, Nevada Panasonic North America

Posted 19 days ago


Job Description

**Overview**
Do you want to join a team that's changing the world? Do you have a strong background as a Security & Risk Intern? Then we're looking for you! Check out the job description and apply now! Put your skills to meaningful use, gain unique experience, and work with world-class team members with diverse backgrounds and expertise who share the same vision. Join the Panasonic Energy team today!
**Responsibilities**
**What You'll Do:**
Panasonic Energy is seeking ambitious Security and Risk interns to join the world's largest lithium ion battery initiative. With superior battery designs and the fastest manufacturing lines in the world, Panasonic is producing millions of batteries per day at the Gigafactory to support Tesla's electric vehicle and energy storage businesses. Panasonic Energy invites you to join us in this ongoing full-scale effort to electrify our society. At Panasonic Energy, security interns become part of a corporate security culture focused on protecting people, products, and ideas. You'll be joining a team well versed in aspects of Technical Security, Physical Security, Access Control, Information Security, and Business Continuity.
**Essential Duties:**
+ Utilize monitoring and reporting capabilities to assess and report on issues of concern to the company.
+ Identify and mitigate risk throughout the organization.
+ Coordinate with other business functions to meet the company's security needs without causing unnecessary disruption to production goals.
+ Manage and access video surveillance systems, access control systems, alarm monitoring systems.
+ Respond to security events under the supervision of security management.
+ Manage projects and key initiatives in order to reduce risk.
+ Develop project plans and tasks with managers.
+ Communicate project expectations, planning, monitoring and follow through of assignments and expectations.
**Internship Details:**
+ The program will be a fulltime paid summer internship working for Panasonic Energy at the Gigafactory.
+ The program will be 12 weeks in length, and is planned to occur between **Monday, May 18 and Friday, August 7, 2026**. _This date range is subject to change._
+ Must be able to attend the entirety of the internship.
+ Applications will be accepted until **Monday, October 13th, 2025.**
**Program Requirements:**
+ The program will be a full time paid summer internship working for Panasonic Energy onsite at the Gigafactory
+ Must attend entirety of internship from the indicated start and end date noted above
+ Minimum 3.2 GPA
+ Must have completed a minimum of 2 years at an accredited university
+ Applicants must be authorized to work in the United States on a full-time basis at the time the internship begins and must not require sponsorship for employment visa status (e.g., H-1B, O-1, TN, L-1, or other employment-based visas) to participate in the program or for a fulltime role after graduation. This position is not eligible for employer-sponsored work authorization.
**Personal Protective Equipment (PPE) Requirements:**
+ To ensure the health and safety in the workplace and for the protection of our employees, wearing PPE is a possibility and may include equipment such as a full Tyvek suit, safety shoes, gloves, safety glasses, face mask, bump cap, and a full hazmat suit that includes a respirator.
_The foregoing description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job._
**Qualifications**
**What You'll Bring**
**Education:**
+ Basic/Required: Completion of at least two years of full-time enrollment (minimum 12 credit hours per semester) in a Bachelor's degree program in Business, Criminal Justice, Physical Security, Business Continuity, Homeland Security, or similar.
**Essential Qualifications:**
+ Must be currently enrolled as a fulltime student at an accredited four-year college or university
+ Completion of at least two years of full-time enrollment (minimum 12 credit hours per semester) in a Bachelor's Degree program
+ GPA of 3.2 or higher
+ Basic knowledge of project management processes and tools
+ Strong problem-solving skills
+ Strong organizational skills
+ Excellent interpersonal, teamwork, and collaboration skills
+ Strong written and verbal communication skills
+ Ability to write and communicate technical information clearly and concisely
+ Fluency with Microsoft Office Suite (Word, PowerPoint, Excel, Outlook)
+ Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems
+ Must have working-level knowledge of the English language, including reading, writing, and speaking English
**Preferred Qualifications:**
+ Hands-on experience through project teams or previous jobs
+ A desire to create a sustainable future through energy storage, renewable energy, and electric vehicles
**Physical Demands:**
Physical Activities: (Percentage of time (equaling 100%) during the normal workday the employee is required to)
+ Sit: 40%
+ Walk: 30%
+ Stand: 20%
+ Lift: 10%
Tools and/or Equipment: (Required frequency is: Not required (0%), Occasional (1-33%), Frequent (34-66%), Continuous (67-100%))
+ Keyboard/Computer: Continuous
+ Office Equipment: Continuous
+ Phone: Continuous
Required Lifting and Carrying: (Required frequency is: Not required (0%), Occasional (1-33%), Frequent (34-66%), Continuous (67-100%))
+ Up to 10 lbs.: Occasional
+ Up to 20 lbs.: Occasional
+ Up to 35 lbs.: Occasional
+ Team-lift only (over 35 lbs.): Not Required
**About Us:**
Meet Panasonic! At Panasonic Energy, you'll do work that matters as we are dedicated to transforming the world through the acceleration of sustainable energy. By producing safe, high-quality lithium-ion batteries, you become part of a team that plays a crucial role in creating technologies that move us.
Our journey began in 2017, and now, as the world's largest lithium-ion battery factory, we are expanding operations to De Soto, Kansas, providing you with the opportunity to experience career growth in more ways than one.
As an innovative thinker, you'll thrive here, as we continually push the boundaries of lithium-ion battery technology and production capabilities to enhance efficiency and performance in EVs.
Being part of Panasonic Energy means positively contributing to society, aligning with our commitment to building a better world through sustainable energy solutions.
We care about what you care about, fostering an environment where your contributions make a meaningful impact on the future of energy and transportation. Join us and be part of a team that values your work, encourages innovation, and actively contributes to a positive societal impact.
**Where You'll Be:**
For our onsite roles, Panasonic Energy is committed to fostering an ideal working environment that goes beyond the conventional. We understand the significance of moments that matter in your onsite experience, and we prioritize creating a workspace that not only promotes productivity but also ensures a fulfilling and positive work atmosphere. Join us at Panasonic Energy, where your onsite presence is valued, and we strive to make each moment count in your professional journey.
**We Take Opportunity Seriously:**
At Panasonic Energy, we are committed to a workplace that genuinely fosters inclusion and belonging. Fairness and Honesty have been part of our core values for more than 100 years and we are proud of our diverse culture as an equal opportunity employer.
We understand that your career search may look different than others and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience. If you are actively looking or starting to explore new opportunities, send us your application!
**Supplemental Information:**
Pre-employment drug testing is required.
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. All qualified individuals are required to perform the essential functions of the job with or without reasonable accommodation.
_Due to the high volume of responses, we will only be able to respond to candidates of interest. All candidates must have valid authorization to work in the U.S. without restriction._
Thank you for your interest in Panasonic Energy of North America.

Staff Security Risk and Compliance Program Manager

99811 Juneau, Alaska Confluent

Posted 5 days ago


Job Description

**Location:**
Remote, United States
**Employment Type:**
FullTime
**Location Type:**
Remote
**Department**
Engineering
**Compensation:**
$213.2K - $250.5K - Offers Equity
_At Confluent, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including work history, education, professional experience, and location. The actual pay may vary depending on your skills, qualifications, experience, and work location. In addition, Confluent offers a wide range of employee benefits. To learn more about our benefits click here._
**Overview**
We're not just building better tech. We're rewriting how data moves and what the world can do with it. With Confluent, data doesn't sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them.
It takes a certain kind of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together.
One Confluent. One Team. One Data Streaming Platform.
**About the Role:**
As the **Staff Security Risk and Compliance Program Manager** in the Trust & Security organization you will play a critical role in fulfilling the vision to secure Confluent's platform and cloud offerings through a combination of technical expertise, policy governance, security risk management, certification compliance, and excellent program management skills. In this role, you'll be responsible for overseeing and maturing our risk management programs, including third party risk management, risk operations and reporting. This is a senior-level position that requires strong leadership, deep expertise in risk and compliance frameworks, and a data-driven approach to risk management.
**What You Will Do:**
**Third-Party Risk Management (TPRM) Leadership:**
+ **Program Ownership:** Develop, implement, and maintain Confluent's risk & compliance program, policies, and procedures. Act as the primary owner of risk management initiatives, ensuring they are well-defined and executed on time.
+ **Third Party Risk Assessment:** Develop a third party risk management north star, and execute a risk-based approach for onboarding, monitoring, and offboarding third parties. This includes conducting due diligence, assessing vendor integration risks, and mitigating and reporting on third party risks to stakeholders.
+ **Continuous Monitoring:** Establish and manage a continuous monitoring program to track vendor performance, security posture, and compliance with contractual obligations.
+ **Contract Management:** Partner with legal and procurement to ensure risk-mitigation clauses are integrated into third-party contracts and service level agreements (SLAs).
**Risk Operations & Process Excellence:**
+ **Operationalization:** Translate risk management policies into scalable, repeatable, and efficient operational processes.
+ **Tooling & Automation:** Identify, implement, and manage risk management tools (e.g., GRC platforms) to automate workflows, streamline assessments, and improve data accuracy.
+ **Process Improvement:** Continuously evaluate and optimize risk processes to enhance efficiency, reduce manual effort, and improve the overall user experience for internal stakeholders.
**Risk Metrics & Reporting:**
+ **Key Performance & Risk Indicators:** Define, track, and report on key risk and performance indicators (KRIs/KPIs) to measure the effectiveness of the security and compliance programs.
+ **Executive Reporting:** Prepare and present clear, concise, and data-driven reports to senior leadership and the Board of Directors on the state of security and compliance risks.
+ **Data Analysis:** Conduct trend analysis on risk data to identify emerging risks, areas of concern, and opportunities for proactive mitigation.
+ **Benchmarking:** Stay abreast of industry best practices and regulatory changes to benchmark our program and drive continuous improvement.
**What You Will Bring:**
+ **Experience:** 8+ years of experience in GRC, with a significant portion of that time focused specifically on risk management.
+ **Technical Skills:**
    + Strong understanding of compliance frameworks such as NIST, ISO 27001, SOC, PCI DSS, HITRUST, CSA STAR, etc.
    + Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management.
    + Strong security engineering fundamentals background in infrastructure security controls in GCP, AWS, Azure, and/or web application security.
+ **Tooling and automation:** Experience with implementing, operationalizing and maintaining GRC platforms.
+ **Program Management Skills:**
    + Strong project management and organizational skills.
    + Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making.
    + Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction.
+ **Communication and Collaboration skills:** Excellent written and verbal communication skills. The ability to influence and lead without direct authority. Detail-oriented with a strong analytical mindset.
+ **Certifications:** A current security certification (CISSP, CRISC, CISM, or equivalent), completed or currently in progress, is a plus.
**Ready to build what's next? Let's get in motion.**
**Come As You Are**
Belonging isn't a perk here. It's the baseline. We work across time zones and backgrounds, knowing the best ideas come from different perspectives. And we make space for everyone to lead, grow, and challenge what's possible.
We're proud to be an equal opportunity workplace. Employment decisions are based on job-related criteria, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by law.

Staff Security Risk and Compliance Program Manager

62762 Springfield, Illinois Confluent

Posted 5 days ago


Staff Security Risk and Compliance Program Manager

80238 Denver, Colorado Confluent

Posted 5 days ago


Staff Security Risk and Compliance Program Manager

96823 Honolulu, Hawaii Confluent

Posted 5 days ago


Staff Security Risk and Compliance Program Manager

19904 Rising Sun, Maryland Confluent

Posted 5 days ago


Staff Security Risk and Compliance Program Manager

06132 Hartford, Connecticut Confluent

Posted 5 days ago

Job Description

**Location:**
Remote, United States
**Employment Type:**
Full-time
**Location Type:**
Remote
**Department**
Engineering
**Compensation:**
$213.2K - $250.5K - Offers Equity
_At Confluent, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including work history, education, professional experience, and location. The actual pay may vary depending on your skills, qualifications, experience, and work location. In addition, Confluent offers a wide range of employee benefits._
**Overview**
We're not just building better tech. We're rewriting how data moves and what the world can do with it. With Confluent, data doesn't sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them.
It takes a certain kind of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together.
One Confluent. One Team. One Data Streaming Platform.
**About the Role:**
As the **Staff Security Risk and Compliance Program Manager** in the Trust & Security organization, you will play a critical role in fulfilling the vision to secure Confluent's platform and cloud offerings through a combination of technical expertise, policy governance, security risk management, certification compliance, and excellent program management skills. In this role, you'll be responsible for overseeing and maturing our risk management programs, including third-party risk management, risk operations, and reporting. This is a senior-level position that requires strong leadership, deep expertise in risk and compliance frameworks, and a data-driven approach to risk management.
**What You Will Do:**
**Third-Party Risk Management (TPRM) Leadership:**
+ **Program Ownership:** Develop, implement, and maintain Confluent's risk & compliance program, policies, and procedures. Act as the primary owner of risk management initiatives, ensuring they are well-defined and executed on time.
+ **Third Party Risk Assessment:** Develop a third party risk management north star, and execute a risk-based approach for onboarding, monitoring, and offboarding third parties. This includes conducting due diligence, assessing vendor integration risks, and mitigating and reporting on third party risks to stakeholders.
+ **Continuous Monitoring:** Establish and manage a continuous monitoring program to track vendor performance, security posture, and compliance with contractual obligations.
+ **Contract Management:** Partner with legal and procurement to ensure risk-mitigation clauses are integrated into third-party contracts and service level agreements (SLAs).
**Risk Operations & Process Excellence:**
+ **Operationalization:** Translate risk management policies into scalable, repeatable, and efficient operational processes.
+ **Tooling & Automation:** Identify, implement, and manage risk management tools (e.g., GRC platforms) to automate workflows, streamline assessments, and improve data accuracy.
+ **Process Improvement:** Continuously evaluate and optimize risk processes to enhance efficiency, reduce manual effort, and improve the overall user experience for internal stakeholders.
**Risk Metrics & Reporting:**
+ **Key Performance & Risk Indicators:** Define, track, and report on key risk and performance indicators (KRIs/KPIs) to measure the effectiveness of the security and compliance programs.
+ **Executive Reporting:** Prepare and present clear, concise, and data-driven reports to senior leadership and the Board of Directors on the state of security and compliance risks.
+ **Data Analysis:** Conduct trend analysis on risk data to identify emerging risks, areas of concern, and opportunities for proactive mitigation.
+ **Benchmarking:** Stay abreast of industry best practices and regulatory changes to benchmark our program and drive continuous improvement.
**What You Will Bring:**
+ **Experience:** 8+ years of experience in GRC, with a significant portion of that time focused specifically on risk management.
+ **Technical Skills:**
  + Strong understanding of compliance frameworks such as NIST, ISO 27001, SOC, PCI DSS, HITRUST, CSA STAR, etc.
  + Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management.
  + Strong security engineering fundamentals, with a background in infrastructure security controls in GCP, AWS, Azure, and/or web application security.
+ **Tooling and automation:** Experience with implementing, operationalizing, and maintaining GRC platforms.
+ **Program Management Skills:**
  + Strong project management and organizational skills.
  + Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making.
  + Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction.
+ **Communication and Collaboration skills:** Excellent written and verbal communication skills. The ability to influence and lead without direct authority. Detail-oriented with a strong analytical mindset.
+ **Certifications:** A current security certification (CISSP, CRISC, CISM, or equivalent), completed or currently in progress, is a plus.
**Ready to build what's next? Let's get in motion.**
**Come As You Are**
Belonging isn't a perk here. It's the baseline. We work across time zones and backgrounds, knowing the best ideas come from different perspectives. And we make space for everyone to lead, grow, and challenge what's possible.
We're proud to be an equal opportunity workplace. Employment decisions are based on job-related criteria, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by law.