72 applicantsPosted by Agency
Justworks · 2 days ago
Senior Security Risk Analyst
New York, NY
Full-time
Hybrid
Entry, Mid Level
$140K/yr - $154K/yr
3+ years exp
Wonder how qualified you are to the job?
Maximize your interview chancesB2BBookkeeping and Payroll
Insider Connection @Justworks
Responsibilities
Work with the GRC leader to provide security guidance and solutions that protect Justworks, our products, customers, and employees.
Support GRC team with implementing and operationalizing GRC strategy and multi-year roadmaps to mature Justwork’s GRC function.
Have a working knowledge of and be able to support all GRC capabilities such as cyber risk management, third-party risk management, security training and communications, and our compliance program.
Conduct Third Party Risk assessments, educate vendor relationship owners on the risks identified, work with them to secure remediation plans with vendors.
Support security-related educational and compliance programs, including developing and managing regular phishing simulations, creating security newsletters and other communications, etc.
Maintain a cyber risk register with timely updates and regular reviews with risk owners to drive risk closure.
Provide data input to predefined GRC metrics to support monthly and quarterly departmental OKR reporting.
Proactively seek clarification, ask thoughtful questions, and focus on learning and development.
Follow best practices within the team. Raise concerns. Offer suggestions.
Research topics and find answers outside the area of expertise.
Develop domain knowledge such as IT, InfraOps, Engineering, Benefits, Payment, etc to better align security initiatives with business priorities.
Create and update process documentation.
Support Justworks’ audit commitment related to SOC2, GDPR, and our Justworks policies and standards.
Manage security findings brought forward through the risk reporting and risk exception process and report to security leadership where gaps exist.
Collaborate with all stakeholders across the company to provide risk visibilities, and more importantly to drive risk mitigation
Assist in building a risk-aware culture by maturing existing risk management processes to monitor, track, measure and report cyber risks.
Drive timely & effective communication via collaboration with various stakeholders including IT, Cyber Defense Operations, Security Architecture & Engineering, People Operations, Customer Service and Marketing.
Perform other related duties as assigned.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
At least 3+ years' experience directly in cybersecurity fields, with a demonstrated track record in one or more of the following areas: third-party risk management, cyber risk management, policy & compliance, security awareness, and communication
Clear understanding of risk assessment methodology, NIST 800-53, CIS, and associated security and privacy rules
Strong knowledge and experience with operational risk management, covering the full lifecycle of activities, including risk identification, assessment, mitigation, monitoring, and reporting
Functional knowledge of security domains and information security industry standards and best practices
Ability to identify and recommend tools, processes, and software to automate and continuously improve security and compliance practices.
Previous experience with GRC solutions - Archer, ServiceNow, LogicGate, etc
Technical understanding of cloud-based security in an AWS environment
Proven track record as a strong communicator both in written and oral presentations; capable of rapidly creating detailed, yet concise documentation; adept at influencing and driving cross-functional collaboration
Demonstrated ability to analyze information critically and synthesize findings into actionable insights and better data-driven decision-making.
Possess a natural curiosity and eagerness to explore new topics, with the ability to quickly learn and understand unfamiliar subjects. Demonstrates a proactive approach to identifying problems and implementing effective solutions.
Good organizational skills, proactive and self-sufficient with a proven ability to work independently and prioritize deliverables
Security Certifications of CISSP, CISM, CRISC, CISA a plus
Benefits
Great benefits
Wellness program offerings
Company retreats
Company
Justworks
Justworks makes it easier to start, run, and grow a business.
1,001-5,000 employees
H1B Sponsorship
Justworks has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (11)
2022 (15)
2021 (11)
2020 (4)
Funding
Current Stage
Late StageTotal Funding
$159.84MKey Investors
FirstMarkRedpointBain Capital Ventures
2023-11-01Series Unknown· $16.84M
2020-01-28Series E· $50M
2018-03-06Series D· $40M
Leadership Team
Michael Seckler
President & CEO
David Feinberg
Senior Vice President Risk and Insurance Programs
Recent News
2024-05-28
SEC
2023-11-02
Crunchbase News
2023-09-15
Company data provided by crunchbase
