Senior Manager, Security Risk Management

| Austin
Sorry, this job was removed at 5:46 a.m. (CST) on Tuesday, December 14, 2021
Find out who's hiring in Austin.
See all Cybersecurity + IT jobs in Austin
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Invitae is dedicated to bringing comprehensive genetic information into mainstream medicine to improve healthcare for billions of people. Our team is driven to make a difference for the patients we serve. We are leading the transformation of the genetics industry, by making genetic testing affordable and accessible for everyone to guide health decisions across all stages of life.

The IT Security Risk Management team is responsible for ensuring that we reduce and manage risks that may obstruct the rapid pace of the company’s growth and to seek opportunities and challenges that can further enable the company to achieve its vision.

What you will do:

Security Risk Management

  • Provide expert advice on risk monitoring and reviews for the organization, coordinate risk mitigation activities, and provide risk mitigation assistance to other groups
  • Serve in a Lead role in the implementation of cyber security-related internal governance processes, including issue reporting, issue management, policy/standard review, risk identification, risk assessment, and risk monitoring
  • Assess, respond to and escalate risks, potential gaps, and observations associated with ongoing cloud security controls monitoring as appropriate
  • Identify risks, potential gaps and observations resulting from security control assessments and testing against cloud security controls as appropriate
  • Demonstrate thought leadership and manage ambiguity by applying a thorough understanding of cyber security and risk management objectives to specific examples to determine desired outcomes
  • Support the intake, triage, and processing of reported risks and identified gaps
  • Manage and maintain the GRC platform as well as the Risk Management library of tools and templates
  • Assist in defining, implementing, and maintaining Risk Management policies, standards, and operating models

Third Party Risk Management 

  • Lead end-to-end management and governance of third party risk for the company
  • Work with internal stakeholders (Legal, Compliance, Security Architecture and Information Technology)  to provide a comprehensive assessment of the third party's risk through review of due diligence, evaluation of due diligence, risk assessment, and audited reports of controls
  • Maintain Vendor Watch List and monitor vendors on the Watch List
  • Provide oversight and support monitoring of the TPRM lifecycle
  • Partner with vendors on addressing critical and vulnerable areas to reduce potential exposure

Client Assurance

  • Responsible for completion of Client security questionnaires regarding Invitae’s information security posture, future strategy and current controls•
  • Partner with internal corporate teams to address questions in the area of IT, Infrastructure, Security Architecture and application teams to facilitate responses related to application functionality and security
  • Collaborate closely with business units and clients to provide accurate and appropriate responses to questionnaires by clients
  • Serve as the SME with our business partners and clients in regards to security assurance 

Information Security Awareness 

  • Define awareness program strategy, including identifying the top human threats, behaviors needed to mitigate those threats, and cybersecurity communication and education initiatives to encourage those behaviors
  • Develop and maintain a security awareness program that effectively fosters a culture of security and promotes desired behaviors
  • Generate fun, creative, new ideas to enhance engagement across global employee population

Who you are:

  • 3+ years work experience managing information risk analysis and risk management function 
  • Knowledge and experience working with the latest information security technologies and tools
  • Demonstrated problem solving, analytical and investigative skills combined with the ability to develop creative solutions and navigate through ambiguity in a fast-paced, agile environment
  • Excellent written and oral communication skills, as well as strong interpersonal and relationship building skills.
  • High level of personal integrity, with the ability to professionally handle confidential matters while leveraging the appropriate level of judgment
  • CRISC, CISM, CISA  preferred

By joining Invitae, you’ll work alongside some of the world’s experts in genetics and healthcare at the forefront of genetic medicine. We’ve created a culture that empowers our teams and our teammates to have the biggest impact and to explore their interests and capabilities. We prize freedom with accountability and offer significant flexibility, along with excellent benefits and competitive compensation in a fast-growing organization.

Join us.

At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Location

Situated in Austin's Central Business District, one block West of the Texas State Capitol.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about InvitaeFind similar jobs