Klaviyo · 2 days ago
Lead Security Risk Analyst
Wonder how qualified you are to the job?
Maximize your interview chances
AdvertisingAnalytics
H1B SponsorshipComp. & Benefits
Insider Connection @Klaviyo
Responsibilities
Lead and execute new Risk program maturity projects that introduce more rigorous, streamlined, and automated approaches to risk management
Collaborate with partner teams and risk owners to help them understand and prioritize risk treatment plans
Create, tune, and operationalize highly effective security metrics (KPIs, KRIs, KCIs) that improve security outcomes across Klaviyo
Perform security reviews of new products, product features, and internal business projects to ensure secure paths forward
Collaboratively define and enable teams about security policies and standards to establish Klaviyo’s risk tolerance bar
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Experience doing security risk assessments, co-creating risk treatment strategies, and influencing cross-functional risk treatment prioritization
Thorough understanding of cloud-native web application architectures, security threats, and security best practices, especially in the context of AWS and Kubernetes
Experience using data visualization tools and SQL to build and operationalize security metrics (e.g. Apache Superset)
Experience with scalable approaches to threat modeling, secure design reviews, and risk assessment methods that balance rigor and efficiency (e.g. Mozilla’s Rapid Risk Assessment)
Experience with security automation and process streamlining, ideally in the context of security risk management
A strong bias toward evidence, logic, math, and reason when communicating risk (instead of fear, uncertainty, and doubt)
A strong bias toward “guardrails, not gates” and “paved security roads” philosophies (instead of rigid “centralized command-and-control” thinking)
Excellent ability to plan, prioritize, and deliver results cross-functionally and in a timely fashion
Proficiency discussing complex, nuanced topics with technical & non-technical audiences alike, especially software engineering teams
Strong alignment with Klaviyo’s core values
Preferred
Experience building tools with REST APIs and Python
Experience with data engineering tools (e.g. dbt, Airflow, Airbyte) or data lake platforms (e.g. Snowflake, Databricks)
Experience with cyber risk quantification (CRQ) tools and frameworks (e.g. FAIR, RiskLens, Safe Security, etc.)
Benefits
Medical
Dental
Vision coverage
Health savings accounts
Flexible spending accounts
401(k)
Flexible paid time off
Company-paid holidays
Learning allowance
Access to a professional coaching service
Company
Klaviyo
Klaviyo is an automation and email platform designed to help grow businesses.
H1B Sponsorship
Klaviyo has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (17)
2022 (26)
2021 (26)
2020 (7)
Funding
Current Stage
Public CompanyTotal Funding
$778.5MKey Investors
ShopifySands Capital VenturesAccel
2023-09-20IPO· nyse:KVYO
2022-09-13Secondary Market· Undisclosed
2022-08-02Corporate Round· $100M
Recent News
Yahoo Finance
2024-05-24
2024-05-24
Company data provided by crunchbase