Jobs//Hybrid//Cybersecurity + IT//

Manager, Security Governance

Rapid7
| Hybrid
Sorry, this job was removed at 7:09 a.m. (EST) on Saturday, January 8, 2022
View 157 Jobs
Find out who's hiring in Greater Boston Area.
See all Cybersecurity + IT jobs in Greater Boston Area
View 157 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job

As Rapid7 continues to grow and scale our products and customer base, the Trust and Security Governance team leads the efforts to continue to evolve and mature our internal security program, establish and maintain trust with our customers and the community, and collaborate across all of the relevant teams inside the company to build and nurture awareness of our security program, company policies and security risks.

The Manager, Information Security Risk Management is an integral part of our Enterprise Risk Management and Third Party Risk Management programs, leading Information Security Risk Management activities in support of these functions. The Manager, Information Security Risk Management provides leadership to develop and implement consistent information security risk management practices and works closely with stakeholders throughout the organization to drive continued awareness and improvement.

Responsibilities

  • Manage and enhance the information security risk management program, including participation in broader enterprise risk management and third party risk management activities

  • Manage and maintain the information security risk management strategy that guides and informs risk-based decisions, including how risk is defined, assessed, responded to, and monitored over time

  • Ensure information security risk management program and strategy keep pace with evolving global standards, guidelines and regulations

  • Build strong and contextual security governance procedures (charters, steering committees, and approval flows) in relation to the information security risk management and third party risk management functions

  • Enhance and manage the information security risk assessment process against our infrastructure, products and suppliers; establishing key metrics and partnering with stakeholders including IT and engineering teams to ensure appropriate plans are in place to mitigate identified risks and continuously improve the program

  • Identify opportunities for automation within the information security risk management and third party risk management functions and build/implement solutions

  • Provide oversight to ensure information security risk management activities are documented and consistently performed

  • Lead the implementation and ongoing improvement of security training and awareness initiatives that educate stakeholders throughout the company on their role in managing risk and partnering to improve the organizational risk posture

  • Work with PMO to ensure projects are properly scoped, tracked, communicated, and completed in an effective and efficient manner

  • Manage and develop a team of individual direct reports

Qualifications

  • Demonstrated experience with security audits, security control assessments, risk assessments, and/or compliance program management

  • Demonstrated experience creating and documenting risk methodologies, maintaining risk registers, performing risk assessments and driving risk mitigation projects

  • Demonstrated experience with third party risk assessment and management

  • Demonstrated experience with security standards/frameworks such as ISO 27001, SOC 2, PCI, FedRAMP, NIST CSF, etc.

  • Knowledge of applicable regulations such as SOX, GDPR, etc. to manage risk and ensure compliance

  • Experience managing, developing and growing security teams

  • Excellent communication skills, including the ability to communicate security and risk-related concepts to technical and nontechnical audiences

  • Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Effective negotiating, critical thinking and problem-solving skills, including the ability to optimize risk mitigation approaches across diverse business units

Rapid7 (Nasdaq: RPD) is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organization. For more information, visit our website, check out our blog, or follow us on LinkedIn

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • ExpressFrameworks
    • FlaskFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • CassandraDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • WordpressCMS
    • SalesforceCRM

Location

Rapid7 is conveniently located between the North End and West End of Boston, with plenty of restaurants and public transport close by.

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

How has your career grown since starting at the company?

Ive been on many teams in my time at Rapid7 and they have certainly “grown” from a size perspective, but more importantly, they all evolved with the changing times and needs. Some of the teams I was on were critical for our sales grown in an emerging market and though they no longer exist by name, I can see the tangible impact we made.

Sarah

Manager, Commercial Sales

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Employee resource groups
Employee-led culture committees
Hybrid work model
President's club
Employee awards
Flexible work schedule
Remote work program
Our remote work program includes full-time remote for specific positions, Work remotely on occasion as needed.
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represent the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning, our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance in training around unconscious bias.
Health Insurance + Wellness
Flexible Spending Account (FSA)
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave
Generous parental leave
Family medical leave
Vacation + Time Off
Unlimited vacation policy
Generous PTO
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Bereavement leave benefits
Company-wide vacation
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Home-office stipend for remote employees
Meditation space
Mother's room
Onsite gym
Professional Development
Job training & conferences
Lunch and learns
Promote from within
Continuing education stipend
Variable.
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
View full list of perks + benefits

More Jobs at Rapid7

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Rapid7Find similar jobs like this