Job Details
| Pay | $90,000 – $150,000 a year |
| Job Type | Full-time |
| Location | USA – Remote |
We are CrowdStrike, and our primary mission is to prevent security breaches. As a global leader in the field of cybersecurity, our team has revolutionized the industry. Since our inception, our cutting-edge cloud-native platform has provided unmatched defense against the most advanced cyber threats. We are actively seeking individuals who possess boundless enthusiasm, an unwavering commitment to innovation, and an unshakeable dedication to serving our customers as we play a pivotal role in shaping the future of cybersecurity.
Consistently recognized as an exceptional workplace, CrowdStrike is deeply committed to fostering an inclusive culture that prioritizes remote work, granting individuals the freedom and flexibility to balance their professional and personal lives while advancing their careers. Are you interested in joining a company that sets the industry standard and leads with unwavering integrity? Come be a part of our important mission – one team, one fight.
About the Role
The Senior Policy Governance Specialist will become an integral part of the Governance, Risk, and Compliance team, which is responsible for aiding in the identification, evaluation, quantification, tracking, and reporting of risk within CrowdStrike’s Governance, Risk, and Compliance (GRC) initiative. The primary role of the Senior GRC Specialist will entail overseeing the management of information security policies, standards, and procedures, aligning them with CrowdStrike’s audit and compliance obligations. The ideal candidate should be prepared to comprehend existing processes and actively seek opportunities to enhance CrowdStrike’s Information Security Policy and GRC program, with a focus on promoting a dynamic, secure, and empowered environment in a fast-paced setting.
Responsibilities
Utilize expertise in information security to chart the course for the organization and allocate resources for mission accomplishment.
Formulate and propose policy modifications to align with mission requirements.
Oversee security implications within the organization, as instructed.
Take charge of both internal and external compliance initiatives, carried out by independent third-party assessors.
Execute internal control audits and assume direct responsibility for achieving control objectives as defined in the GRC program.
Proactively pinpoint areas requiring enhancement within the company and spearhead initiatives to address and rectify these areas.
Carry out additional responsibilities falling within the purview of governance, risk, and compliance as necessary.
Qualifications & Requirements
Hands-on experience with policy and regulatory requirements, including:
- COBIT
- SOC1/SOC2
- CSA-CCM
- ISO27001/27002/27031
- GDPR
- CCPA
- PCI-DSS
- NIST Risk Management Framework
- Associated standards like sp800-34, sp800-53, FedRAMP, CMMC, IRAP, ISMAP, etc.
Practical experience leading internal compliance initiatives and effective communication with executives and senior management.
Ability to establish and maintain productive relationships across various departments within the organization.
Basic technical knowledge of critical technologies, including:
- Operating systems
- Networks
- Application development
- Databases
- Virtualization
- Cloud infrastructures Alternatively, a minimum of 5 years of relevant job experience or a bachelor’s/master’s degree in related fields with at least 3 years of experience.
Strong written and verbal communication skills, with fluency in English, either as a native or near-native speaker.
Additional Qualifications:
Bonus Points:
- Experience in independently establishing a GRC program from scratch.
- Proficiency in program and project management, including tasks such as scoping, work breakdown, critical path analysis, resource management, time estimation, risk assessment, and quality assurance.
- Capability to strategically analyze risks and connect them to practical organizational actions.
- Familiarity with cloud environments and CrowdStrike’s products or services.
Perks of Being Part of CrowdStrike:
- Emphasis on remote work culture
- Leading the industry in terms of competitive compensation and equity rewards
- Competitive vacation and flexible work arrangements
- Extensive and inclusive health benefits
- Holistic wellness programs for physical and mental well-being
- Generous paid parental leave, which includes adoption benefits
- Access to various professional development and mentorship avenues
- Offices equipped with well-stocked kitchens to foster innovation and teamwork
