Sr. Manager, Information Security
About Netskope
Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security.
Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope.
About the position:
Based in St. Louis, this role is a member of the Global Information Security (GIS) team which has oversight and operational responsibilities for the Information security of Netskope. The Information Security Manager, Governance Risk and Compliance (GRC) will be a key member and manager of the GRC team responsible for collaborating with the business on GRC activities, administering GRC solutions, managing external and internal auditing activities, managing the Cyber Risk Management Program including third party vendor risk management and ensuring compliance objectives are being achieved across the organization.
Responsibilities:
• Responsible for managerial responsibilities such as staffing, performance assessment, career path planning, training, and coaching/mentoring for all GRC team members
• Evaluating design and operating effectiveness of controls
• Ability to monitor, measure and test core business processes against internal policies and procedures
• Validating test procedures against controls, issue identification, root cause analysis and impact assessment
• Documenting results following compliance framework to arrive to conclusions
• Deliver value and insights by providing recommendations/improvements around processes and/or controls to business partners
• Effectively communicate and report out on plans, status, issues, risks, and requirements to all levels of stakeholders
• Develop and manage Metrics and Measures Programs
• Provides training, and coaching for Analysts, Engineers, and business partners
• Keep up-to-date on industry and regulatory changes
• Assist in conducting enterprise-wide, ongoing risk analysis in tandem with compliance and internal audit.
• Assist in the development and management of the Cyber Risk Management Program and performing supporting tasks
• Support Customer risk assessments, audits, and evidence collection.
• Contributes to security procedures and requirements documentation
• Assists in development and maintenance of Information Security control mappings to defined frameworks
Requirements:
• 7+ years in an information security GRC role testing, monitoring, assurance within compliance, audit and operations with at least
• 3+ years in a management or team lead role
• Strong people skills, including the ability to partner effectively and influence change with stakeholders across the organization
• Strong knowledge of information security governance, risk, and IT Controls compliance program
• Strong understanding of cybersecurity, networking, system and cloud technologies
• Strong experience with testing and monitoring manual and automated controls
• Experience with conducting risk assessment and knowledge of current industry good practice for risk assessment methodologies and tools,( e.g., FEDRAMP, NIST, ISO)
• Should possess relevant technical/professional qualifications/certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor/Implementer equivalent.
• US Citizen
Desired Skills:
• Experience in performing risk assessments.
• Experience in third party (vendor) risk management
• Knowledge and experience in managing GRC tools.
• Highly analytical with the ability to present your analysis
• Strong written and verbal communication
• Experience in maintaining metrics and measures.
• Experience in supporting customer audits
• Experience working with software engineering teams in an agile/dynamic environment
• General understanding of meeting multiple/global compliance frameworks such as ISO 27001, FedRAMP, SSAE-18 SOC2, CSA STAR, Security Control Framework, HIPAA, PCI-DSS, etc.
Education:
Bachelor degree preferred.
Compensation:
At Netskope, salary is one component of our competitive total rewards package. The salary range for this position is as listed below. This is a national range. For purposes of complying with applicable laws, the range applies to candidates in California, Colorado, Illinois, Maryland, New York, Washington, and other states.
The successful candidate’s starting pay will also be determined based on job-related skills, experience, qualifications, location, and market conditions.
For all sales roles, the posted salary range is the On Target Earnings (OTE) range for the role, which is the sum of base salary and target commission amount at 100% goal achievement.
In addition to salary, candidates may be eligible for other forms of compensation such as participation in a bonus plan (for non-sales roles) and a stock award program. Candidates may also be eligible for a comprehensive health plan and other benefits that can be reviewed at Netskope Benefits site.
Salary Range
$103,000—$209,500 USD
Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate.
Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.
The application window for this position is expected to close within 50 days. You may apply by filling out the below information, or visiting our Netskope Careers site.
Apply tot his job
Apply To this Job
Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security.
Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope.
About the position:
Based in St. Louis, this role is a member of the Global Information Security (GIS) team which has oversight and operational responsibilities for the Information security of Netskope. The Information Security Manager, Governance Risk and Compliance (GRC) will be a key member and manager of the GRC team responsible for collaborating with the business on GRC activities, administering GRC solutions, managing external and internal auditing activities, managing the Cyber Risk Management Program including third party vendor risk management and ensuring compliance objectives are being achieved across the organization.
Responsibilities:
• Responsible for managerial responsibilities such as staffing, performance assessment, career path planning, training, and coaching/mentoring for all GRC team members
• Evaluating design and operating effectiveness of controls
• Ability to monitor, measure and test core business processes against internal policies and procedures
• Validating test procedures against controls, issue identification, root cause analysis and impact assessment
• Documenting results following compliance framework to arrive to conclusions
• Deliver value and insights by providing recommendations/improvements around processes and/or controls to business partners
• Effectively communicate and report out on plans, status, issues, risks, and requirements to all levels of stakeholders
• Develop and manage Metrics and Measures Programs
• Provides training, and coaching for Analysts, Engineers, and business partners
• Keep up-to-date on industry and regulatory changes
• Assist in conducting enterprise-wide, ongoing risk analysis in tandem with compliance and internal audit.
• Assist in the development and management of the Cyber Risk Management Program and performing supporting tasks
• Support Customer risk assessments, audits, and evidence collection.
• Contributes to security procedures and requirements documentation
• Assists in development and maintenance of Information Security control mappings to defined frameworks
Requirements:
• 7+ years in an information security GRC role testing, monitoring, assurance within compliance, audit and operations with at least
• 3+ years in a management or team lead role
• Strong people skills, including the ability to partner effectively and influence change with stakeholders across the organization
• Strong knowledge of information security governance, risk, and IT Controls compliance program
• Strong understanding of cybersecurity, networking, system and cloud technologies
• Strong experience with testing and monitoring manual and automated controls
• Experience with conducting risk assessment and knowledge of current industry good practice for risk assessment methodologies and tools,( e.g., FEDRAMP, NIST, ISO)
• Should possess relevant technical/professional qualifications/certification such as CISSP, CISM, CISA or ISO 27001 Lead Auditor/Implementer equivalent.
• US Citizen
Desired Skills:
• Experience in performing risk assessments.
• Experience in third party (vendor) risk management
• Knowledge and experience in managing GRC tools.
• Highly analytical with the ability to present your analysis
• Strong written and verbal communication
• Experience in maintaining metrics and measures.
• Experience in supporting customer audits
• Experience working with software engineering teams in an agile/dynamic environment
• General understanding of meeting multiple/global compliance frameworks such as ISO 27001, FedRAMP, SSAE-18 SOC2, CSA STAR, Security Control Framework, HIPAA, PCI-DSS, etc.
Education:
Bachelor degree preferred.
Compensation:
At Netskope, salary is one component of our competitive total rewards package. The salary range for this position is as listed below. This is a national range. For purposes of complying with applicable laws, the range applies to candidates in California, Colorado, Illinois, Maryland, New York, Washington, and other states.
The successful candidate’s starting pay will also be determined based on job-related skills, experience, qualifications, location, and market conditions.
For all sales roles, the posted salary range is the On Target Earnings (OTE) range for the role, which is the sum of base salary and target commission amount at 100% goal achievement.
In addition to salary, candidates may be eligible for other forms of compensation such as participation in a bonus plan (for non-sales roles) and a stock award program. Candidates may also be eligible for a comprehensive health plan and other benefits that can be reviewed at Netskope Benefits site.
Salary Range
$103,000—$209,500 USD
Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate.
Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.
The application window for this position is expected to close within 50 days. You may apply by filling out the below information, or visiting our Netskope Careers site.
Apply tot his job
Apply To this Job