IT Risk Management Analyst
Procore is seeking a Risk Management Analyst with a background of privacy or information security to lead the security and privacy operations risk management operations. As a risk management analyst, your primary role is to identify security and privacy related risks and implement risk-mitigating measures, in collaboration with the related global security and privacy risk functions as well as almost all departments throughout Procore. You will be a trusted advisor/consultant for any business functions within Procore, in terms of security and privacy risk management. You will also have an opportunity to be a key part of the IT Security Management team within Procore IT with the goal to improve and mature the organization’s asset management processes.
- Partner with Privacy Legal, IT, Corporate Security, Operations and other stakeholder teams to ensure that required security and privacy measures are properly in place
- Implement necessary security measures to protect the company’s information in compliance with the requirements by the related laws and regulations as well as the security and privacy standards, in collaboration with the related global functions.
- Create and maintain local security and privacy guidelines and rules in alignment with the related global policies and standards.
- Provide awareness activities towards security and privacy to the employees, including regular internal trainings.
- Conduct third party assessment in terms of their security and privacy controls.
- Respond to and manage security and privacy incidents, including the notification to the related external authorities.
- Respond to inquiries from internal business partners as well as external individuals on our security and privacy operations, and recommend and participate in the improvement processes.
- Drive risk assessment activities, maintain the risk register and contribute to long term process improvement initiatives and risk treatment plans
- Bachelor's Degree in Computer Science, Finance or related discipline or equivalent experience.
- 3+ years of IT work experience
- 3-5 years of experience in privacy or information security area.
- Prior experience in any of risk assessment, creating internal policies, providing trainings, or incident management in privacy or information security area.
- Knowledge of privacy and security related regulatory compliance requirements including the security risk management frameworks, such as the Japan Privacy Law and the related guidelines, GDPR, ISO 27001, etc.
- Ability to operate autonomously to get things done in a given timeline, and lead meetings and projects with minimal guidance.
- Excellent verbal and written communication skills for stakeholders at all levels and all functions of the organization
- Analytical thinker, highly organized, detail-oriented, ability to multitask
- An up-to-date functioning understanding of current privacy and information security trends, with an ability to learn and understand quickly in a dynamic environment.
- Prior experience in leading a project or project management in security or privacy related projects.
- A proactive goal achiever who innovates to go above and beyond expectations, and is comfortable working in a fast-paced and dynamic environment incorporating constant change in priority.
- Knowledge of or experience in working with any of security risk management frameworks is a plus.
Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore. Our headquarters is located on the bluffs above the Pacific Ocean in Carpinteria, CA, with growing offices worldwide. To learn more about our team, click here.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Perks & Benefits
You are a person with dreams, goals, and ambitions—both personally and professionally. That's why we believe in providing benefits that not only match our Procore values (Openness, Optimism, and Ownership) but enhance the lives of our team members. Here are just a few of our benefit offerings: competitive health care plans, unlimited paid vacation, stock options, employee enrichment and development programs, and friends & family events.