at CrowdStrike, Inc. in Springfield, Illinois, United States
Job Description
CrowdStrike, Inc.Full time
R19350
About the Role:
The Risk Analyst will be part of the Governance, Risk, and Compliance (GRC) team, assisting in the identification, assessment, measurement, monitoring, and reporting of risk. This role focuses on managing the security risk process, performing risk assessments, and maintaining the risk and issue register.
The ideal candidate will understand current processes and proactively seek improvements in CrowdStrike’s Risk Management process and GRC program to support a fast-paced, secure, and empowered environment. They will be responsible for identifying, assessing, measuring, monitoring, and reporting risks through CrowdStrike’s GRC program. This operational role includes identifying business risks and overseeing the implementation of management controls within the Information Technology and corporate environments. The ideal candidate will have an expert-level understanding of current processes and proactively seek improvements in CrowdStrike’s risk posture and GRC program in the tech industry. They will conduct control testing, perform readiness assessments, and leverage their experience with various technical Information Technology environments (e.g., SaaS, Network Layer) to help business partners understand risks and achieve operational efficiency.
This role requires a strategic thinker with a deep understanding of cybersecurity principles and the ability to communicate effectively across all organizational levels.
What You'll Do:
Perform risk assessments to analyze security risks and create risk treatment plans.
Maintain and catalog a cybersecurity risk management program, including identifying, evaluating, and mitigating risks across the organization.
Maintain and catalog operational controls and their ownership across the organization.
Identify areas for improvement within GRC and lead efforts to address and remediate them.
Collaborate across departments to align with shared compliance goals and objectives.
Coordinate with IT and business units to implement effective cybersecurity measures and integrate security practices into business processes.
Evaluate new processes, policies, and systems to determine their impact on the Risk program.
Identify key risks and controls, recommend improvements, assess risks and controls for Information Security projects, and ensure the proper design and configuration of controls in related business processes and IT infrastructure using a risk-based approach.
What You’ll Need:
At least 5 years of job-related experience, with a preferred BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, Cybersecurity, or other related field.
Experience in using ServiceNow for Risk Management
Fundamental technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures.
Ability to evaluate the potential impact of issues on the overall security post
PI243328175
CrowdStrike, Inc. is an Equal Opportunity Employer and does not discriminate against any applicants for employment based on their race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, physical or mental disability, genetic information, veteran status, uniformed service member status, or any other status protected by law.
