Risk Engineer
Klaviyo is looking for a Risk Engineer to identify and evaluate security risk, build and develop controls, identify areas for improvement, and help mature the information security and privacy programs as a valued member of the Security and Trust team.
What you’ll be doing
- Manage and implement complex controls frameworks
- Build automation into the design of controls to eliminate the human elements
- Conduct risk assessments across business units and processes; document risk findings and remediation/mitigation plans
- Assist and/or implement controls to support risk mitigation efforts across various business units with stakeholders
- Leverage in-depth technical knowledge and business acumen to design and implement secure solutions
- Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
- Assist with the security compliance certification programs across the company that our customers depend on
- Enhance the team with your individualism, spirit, and love of learning
We’d love to hear from you if you:
- Minimum of 4+ years of information security, IT audit and/or IT Risk Management experience
- Deep knowledge of cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS) services and hosted infrastructure services (AWS)
- Experience working with APIs to automate testing and enable orchestration between various SaaS technologies
- Deep understanding of NIST CSF, ISO 27002, SOC 2, and SOX frameworks
- You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
- Have experience training and coaching teams to become better security and privacy practitioners
- You possess a heightened risk consciousness and enjoy evaluating risks before making decisions
- Like working on a small, autonomous, agile team. At Klaviyo, you will experience ownership over your work, but you'll collaborate with everyone to make sure we produce and implement the right solutions
Get to know Klaviyo
Klaviyo is a world-leading marketing automation platform dedicated to accelerating revenue and customer connection for online businesses using the channels they own like email, web and mobile. Enabling brands to leverage these owned marketing channels, Klaviyo makes it easy to store, access, analyze and use transactional and behavioral data to power highly-targeted customer and prospect communications. The company’s hybrid customer-data and marketing-platform model allows companies to grow by fostering direct, high-fidelity relationships with customers, without giving up their valuable data to Facebook or Amazon. In 2020, Klaviyo reached coveted unicorn status with a robust Series C of $200m at $4.15B valuation. Innovative companies like Unilever, Custom Ink, and Huckberry sell more with Klaviyo. Learn more at www.klaviyo.com.
Klaviyo does not tolerate and prohibits discrimination, harassment or retaliation of or against job applicants, contractors, interns, volunteers or employees by another employee, supervisor, vendor, customer or any third party.