Sr. GRC Specialist, Security Risk Management
Hashicorp
Full-time
Remote
In this role, you will:
Help define and mature the internal and vendor security risk framework, program and processes
Help define, standardize, and educate stakeholders on risk taxonomy and nomenclature
Help define and continually improve risk scoring methodologies
Perform and facilitate internal and vendor security risk assessments
Review new risk submissions and facilitate its progress through the risk management process
Track progress against, follow up and report on risk treatment efforts
Maintain the security risk register
Track and report on risks to stakeholders across the company
Track and report on trends in security risk and threats
Define, track and report on KRIs
Help develop the HashiCorp Common Controls Framework
Help develop and contribute to quarterly and annual planning for the risk program
Track execution against OKRs and the risk program roadmap
Assist with other GRC activities as needed, including external security audits and other tasks as required
Help define and mature the internal and vendor security risk framework, program and processes
Help define, standardize, and educate stakeholders on risk taxonomy and nomenclature
Help define and continually improve risk scoring methodologies
Perform and facilitate internal and vendor security risk assessments
Review new risk submissions and facilitate its progress through the risk management process
Track progress against, follow up and report on risk treatment efforts
Maintain the security risk register
Track and report on risks to stakeholders across the company
Track and report on trends in security risk and threats
Define, track and report on KRIs
Help develop the HashiCorp Common Controls Framework
Help develop and contribute to quarterly and annual planning for the risk program
Track execution against OKRs and the risk program roadmap
Assist with other GRC activities as needed, including external security audits and other tasks as required