
    Senior Director, Risk Compliance - Boston, United States - Snyk Limited

    Snyk Limited Boston, United States

    4 weeks ago

    Description

    Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever.

    But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced "sneak") comes in.

    Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure - and do it all right from the start.

    Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.

    Joining Snyk means embracing our core values: One Team, Care Deeply, Customer Centric, and Forward Thinking.

    As a member of our team, you'll have the opportunity to thrive in a dynamic environment where fostering collaboration, leading with empathy, driving business impact, and inspiring trust are at the heart of everything we do.

    Our Opportunity


    Snyk is seeking an experienced, hands-on GRC leader to strategize, build, operate, and mature our global GRC organization and lead cross-functional partnerships in maintaining commitments to Snyk customers, partners and employees.


    You will lead an exceptional team that will deliver fit-for-purpose and integrated risk and compliance functions that enable risk-based prioritization, executive and board level reporting, and support implementation.

    You will be a champion of data privacy and security and build those requirements into product offerings & services as well as day-to-day business processes.

    You will work directly with the rest of the Snyk team at large to mature and maintain a sustainable GRC program for the enterprise.


    You'll Spend Your Time:

    • Leading, motivating and developing a high performing security/privacy GRC team.
    • Partnering with cross-functional Snyk leaders to mature and maintain a sustainable GRC program for the enterprise.
    • Providing thought leadership on security-related regulatory and statutory matters that may impact the company.
    • Providing vision and hands-on leadership for developing and supporting initiatives in the areas of security and privacy policies, standards, training, external audits and gap assessments, continuous control monitoring, customer assurance and risk assessments.
    • Supporting procurement and commercial teams with respect to information security aspects of contract and relationship discussions with third parties.
    • Designing, maintaining and communicating security/privacy assurance and compliance strategies and plans, with a specific focus on expansion of the security certification portfolio, that are designed to keep Snyk abreast of regulatory and commercially driven framework requirements in markets Snyk expands to.
    • Executing periodic organizational and asset level risk and impact assessments to identify security & privacy risks in a manner that drives Snyk leaders to invest in risk minimization efforts.
    • Driving operational efficiencies through process and program improvements and implementation of automation toolsets to gain efficiencies.
    • Providing advisory services to other teams on maintaining compliance with privacy and security policies and standards through the course of their business operations.
    • Collaborating with legal on the development and implementation of information security and data protection policies and processes.
    • Collaborating with security teams on matters relating to data assurance, data protection, threat defense, risk management, and regulatory compliance.
    • Working closely with legal and product teams globally to review products, features, new applications and initiatives to provide legal risk mitigation strategies to ensure legal compliance for products from an information security perspective.
    • Coordinating with legal, information security, trust & safety, privacy & data protection, and other cross-functional colleagues on all matters related to information security and incident response, including communication, policy development, and enforcement aspects.

    What You'll Need:

    • 10+ years of experience leading all aspects of a Security/Privacy GRC program, ideally with some experience in a SaaS or Tech organization.
    • Proven experience with, including driving certifications for, multiple domestic and international security & privacy frameworks/standards such as ISO 27001, ISO 27701, SOC2, GDPR, IRAP, FedRAMP/StateRAMP, HIPAA, PCI DSS, CMMC.
    • Proven ability to develop and retain high performing GRC professionals.
    • Effective written and verbal communication skills, especially translating between business and technical terminology.
    • Outstanding cross-functional partnership skills with a confirmed ability to lead multiple stakeholders with conflicting priorities in a fast and constantly changing environment.
    • Certifications such as CRISC, CISA, CISSP or CISM are considered preferentially.


    We care deeply about the warm, inclusive environment we've created and we value diversity - we welcome applications from those typically underrepresented in tech.

    If you like the sound of this role but are not totally sure whether you're the right person, do apply anyway.

    About Snyk


    Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place.

    From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.

    Benefits & Programs

    Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.


    • Flexible working hours, work-from-home allowances, in-office perks, and time off for learning and self development
    • Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
    • Health benefits, employee assistance plans, and annual wellness allowance
    • Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances
