Risk Management Lead

Summary

Join Wiz, a rapidly growing cloud security company, as a Risk Management Lead. Reporting to the IT Internal Audit Manager, you will develop and implement a risk management framework tailored to Wiz's unique cloud security needs. You will establish key risk indicators, conduct risk assessments, and collaborate with cross-functional teams to mitigate risks. Prior experience running a risk management program is not required; however, participation in such a program is necessary. The ideal candidate possesses in-depth knowledge of risk management best practices and experience with security and compliance frameworks. This role involves building and owning unique programs, scaling processes, and driving industry best security standards.

Requirements

• Proven experience with Governance, Risk, and Compliance background including 7+ years of experience in a GRC function
• In-depth knowledge of risk management best practices
• Must have the ability to collaborate with technical and non-technical teams alike to further oversight responsibilities of Security
• A passion for building and owning programs that are unique to the environment, not necessarily a copy + paste of what they’ve seen before
• Experience in security and compliance frameworks such as NIST, ISO 27001, SOC2, GDPR, etc
• Familiarity with cloud computing technologies (e.g. AWS, Azure, Google Cloud) and SaaS applications, including associated risks and security controls
• Experience in designing impactful enablement programs to set partner functions up for success
• In-house experience performing or participating in a risk management program
• Ability to scale processes without hindering partner functions
• Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship

Responsibilities

• Lead in the development and implementation of a risk management framework tailored to the unique requirements of cloud security and Wiz
• Establish and monitor key risk indicators to track risk exposure and effectiveness of control treatments
• Work directly with stakeholders to shape the program such that it supports risk prioritization in quarterly planning
• Conduct risk assessments to identify and prioritize potential threats, vulnerabilities, and impacts on Wiz
• Partner closely with Internal Audit to ensure there is comprehensive monitoring of potential threats to Wiz and to drive continuous improvement in Wiz processes and controls
• Collaborate with cross-functional teams, including IT, Legal, Product, Engineering, Security, etc. to assess risks and develop mitigation strategies
• Continuously improve standards, processes, tools, and procedures for risk
• Drive industry best security standards throughout Wiz
• Assist in maintaining the documentation, prioritization, and tracking of items such as the risk register, identified vulnerabilities, exceptions, and major security improvements to Wiz’s Security Program