CrowdStrike Logo

CrowdStrike

GRC Security Risk Manager (Remote)

Posted 14 Hours Ago
Be an Early Applicant
Remote
Hiring Remotely in USA
Expert/Leader
Remote
Hiring Remotely in USA
Expert/Leader
The GRC Security Risk Manager at CrowdStrike is responsible for overseeing cybersecurity risk management programs, ensuring compliance with policies, collaborating with various teams, and enhancing the GRC strategy to improve organizational security. This role involves leading a team, implementing risk management frameworks, and continuous improvement of cybersecurity processes.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate an inclusive culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is seeking a highly experienced GRC Security Risk Manager to oversee and manage our cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs. This critical role will play a key part in ensuring the security and integrity of our organization.

  • Oversee and manage CrowdStrike's cybersecurity risk management, issues and exceptions management, policy governance, and control framework programs

  • Identify, assess, measure, monitor, and report on information security risks

  • Track and remediate security issues and exceptions

  • Govern security policy, standards, and controls through CrowdStrike's Governance, Risk, and Compliance (GRC) program

  • Collaborate with Security teams, Engineering, and Internal Audit to ensure alignment and effective risk management

  • Lead organizational efforts in defining, establishing, managing, and enforcing cybersecurity policies, standards, and procedures

What You'll Do:

Team Leadership:

  • Lead a team of four people, ensuring their engagement, development, and performance in alignment with expectations.

Program Development and Management:

  • Develop and implement a comprehensive cybersecurity risk management program to identify, assess, and mitigate risks across the organization.

  • Build out the issues and exceptions management program to improve efficiency, effectiveness, user experience, and program scope.

  • Mature the policy governance program through content enhancement, stakeholder engagement, and enterprise awareness.

GRC Strategy and Alignment:

  • Help create and drive GRC strategy to increase business value and improve overall maturity of the GRC organization.

  • Align with cross-functional teams, including IT, business units, procurement, Legal, Product Security, and other stakeholders to ensure a comprehensive approach to security and compliance.

Continuous Improvement:

  • Proactively identify areas of improvement within Cyber GRC and lead efforts to address and remediate.

  • Perform other duties within the scope of GRC.

What You'll Need:

Education and Experience:

  • At least 10+ years of job-related experience in a related field, with a preferred BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, Cybersecurity, or other related field.

Technical Skills:

  • Proven experience in security risk management, including risk assessments, issue management, policy governance, and risk mitigation, with expertise in GRC tool implementation (ServiceNow).

  • Practical experience with policy and regulatory requirements such as SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, PCI-DSS and frameworks such as NIST Risk 800-34, NIST 800-53, etc.

  • Advanced technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.

Soft Skills:

  • Proven track record of successfully collaborating with cross-functional teams across multiple regions to achieve business objectives.

  • Ability to build rapport and maintain relationships across functions within the company, with external vendors, and with governmental teams.

  • Ability to think strategically about risks and tie those risks to tactical organizational activities.

Program and Project Management:

  • Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.

Bonus Points:

  • Experience with leading GRC products, such as ServiceNow, and/or cloud environments, including CrowdStrike products or services.

  • Practical experience in Software Development and Secure Coding best practices.

Ideal Candidate: We're looking for a seasoned security professional with expertise in risk management, cybersecurity principles, and effective communication.

  • Expert-level understanding of current processes and a proactive approach to improving CrowdStrike's risk posture and GRC program

  • Strong collaboration and communication skills, with the ability to work effectively across all levels of the organization

  • Relevant certifications (e.g. CISSP, CISM, CRISC) and experience in a similar role

What We Offer: The opportunity to work in a fast-paced, secure, and empowered environment in the tech industry, with a team of experienced security professionals.

#LI-Remote
#LI-RC1

Benefits of Working at CrowdStrike:

  • Remote-friendly and flexible work culture

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $0 - $0 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:02-24-2025

Similar Jobs at CrowdStrike

Be an Early Applicant
14 Hours Ago
VA, USA
Remote
10,000 Employees
Internship
10,000 Employees
Internship
Cloud • Information Technology • Sales • Security • Cybersecurity
As a TAC Malware Triage Intern, you will perform malware analysis, improve analysis workflows, extract configuration data, track new threats, document intelligence findings, and create detection signatures. The role requires strong problem-solving skills and the ability to learn new analysis techniques quickly.
Be an Early Applicant
20 Hours Ago
USA
Remote
10,000 Employees
Expert/Leader
10,000 Employees
Expert/Leader
Cloud • Information Technology • Sales • Security • Cybersecurity
The Business Partner role involves supporting CrowdStrike's MSSP partner ecosystem by managing daily operations, ensuring partner program integrity, and providing data-driven insights to enhance channel strategy. Responsibilities include onboarding partners, resolving contract complexities, optimizing operational processes, and delivering training for partner sales teams.
Be an Early Applicant
20 Hours Ago
10 Locations
Remote
10,000 Employees
Senior level
10,000 Employees
Senior level
Cloud • Information Technology • Sales • Security • Cybersecurity
As a Senior Active Defense Analyst, you'll monitor and respond to security threats using the CrowdStrike Falcon Platform, perform incident handling across various platforms, conduct malware analysis, and improve detection processes while producing clear communications for stakeholders.

What you need to know about the Toronto Tech Scene

Although home to some of the biggest names in tech, including Google, Microsoft and Amazon, Toronto has established itself as one of the largest startup ecosystems in the world. And with over 2,000 startups — more than 30 percent of the country's total startups — Toronto continues to attract new businesses. Be it helping entrepreneurs manage their finances, simplifying business operations by automating payroll or assisting pharmaceutical companies in launching new drugs, the city's tech scene is just getting started.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account