Fastly

Security Risk Lead

full-time

Location Type: Hybrid

Location: Denver, California, Colorado, United States

Salary

💰 $132,060 - $186,444 per year

About the role

  • Lead targeted security risk assessments across the organization, proactively identifying gaps and risks which pose a threat to the safety and security
  • Analyze risk data to identify patterns of deficiencies and collaborate with Security Architects, Product Owners, Engineering, and Senior Leaders to propose new, or challenge existing, mitigation plans
  • Own and evolve the systems that track our risk decisions and mitigations, ensuring we have visibility into the greatest areas of concern and where we need to buy down more risk, and keeping our mitigation plans on track with the committed timelines
  • Oversee relevant Risk Committees to identify and discuss systemic and cross-functional security risks, influencing Senior Leaders across Fastly to commit to mitigation plans
  • Design metrics and reporting to give Senior Leadership a pulse check on our security posture, highlighting exactly where we need to invest
  • Maintain Fastly’s core security policies and standards, balancing industry best practices with our risk appetite
  • Support the assessment and maintenance of our third party risk within Fastly’s vendor landscape

Requirements

  • 6+ years of relevant experience and a Bachelor’s degree in Management Information Systems, Computer Science, or a related field
  • Proven leadership in security strategy, including influencing organizational direction, and embedding a security-first mindset across teams
  • Extensive experience dissecting complex environments to find risks that actually matter; ability to communicate technical vulnerabilities in a manner that adequately portrays the magnitude of the risk to technical and non-technical stakeholders
  • Ability to translate risks into actionable security controls
  • Working knowledge of various frameworks and industry standards, such as: NIST CSF, ISO 27001, PCI DSS, HIPAA, FAIR, and OWASP Top 10
  • Experience crafting security policies and standards that take into account a company’s unique operating environment while still meeting security best practices
  • Ability to interpret internal security controls and requirements to assess and manage risk associated with third party vendors
  • Excellent communication and collaboration skills, capable of engaging with both technical teams and non-technical stakeholders at all levels to articulate risks, trade-offs, and security recommendations
  • Experience using governance, risk management, and compliance (GRC) tools preferred

Benefits

  • Medical, dental, and vision insurance
  • Family planning, mental health support along with Employee Assistance Program
  • Insurance (Life, Disability, and Accident)
  • A Flexible Vacation policy
  • Up to 18 days of accrued paid sick leave
  • 401(k) (including company match)
  • An Employee Stock Purchase Program
  • 12 paid local holidays
  • 12 paid company wellness days

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security risk assessments, risk data analysis, mitigation plans, security policies, security standards, security controls, NIST CSF, ISO 27001, PCI DSS, HIPAA

Soft Skills

leadership, communication, collaboration, influencing, technical communication, risk translation, engagement, stakeholder management, problem-solving, strategic thinking