Senior Security Risk Management Specialist
Posted on 3/29/2023
London, UK
Experience Level
Desired Skills
  • Senior level Security Risk Management experience typically gained in 8+ years experience working in GRC
  • Experience communicating, conducting, and managing security risk assessments; recommending mitigating controls; and reporting findings to leadership
  • Experience driving risk remediation and partnering with cross functional teams
  • Experience implementing a security risk methodology including processes for risk identification, prioritization, mitigation, reporting, and monitoring
  • Experience reporting on risks and program operations to management
  • Solid understanding of security risk and control frameworks such as ISO 27001, NIST SP 800-37, NIST SP 800-30, and NIST SP 800-53
  • Familiarity with Common Vulnerability Scoring System (CVSS), OWASP Risk Rating Methodology, and the MITRE ATT&CK Matrix
  • Solid understanding cloud security architectures, technologies, and security controls
  • Strong analytical and interpersonal skills
  • Self-starter with the ability to work independently with a sense of curiosity
  • Implement Cloudflare's risk management methodology
  • Lead enterprise and targeted risk assessments across the organization
  • Identify risk findings through vulnerabilities, security incidents, audits, and other security programs and determine how to integrate these into Cloudflare's risk register
  • Implement Cloudflare's new risk calculation formula across the risk register and enterprise risks
  • Drive risk treatment by determining risk ownership, recommending mitigation plans, and ensuring risks are included in technical organizations' roadmaps
  • Partner with security managers and technical program managers to develop risk-based roadmaps and support Security Team planning discussions
  • Implement and manage new Risk Governance processes with Security and technical organization leadership
  • Support risk updates to Executive leadership and Cloudflare's Risk and Compliance Committee
  • Ensure alignment between security risk and the internal audit and privacy teams
  • Maintain our Security Risk Management Policy, supporting process documentation, and Cloudflare's risk register
  • Support internal and external audits related to Cloudflare's risk management processes
  • Some travel may be required to engage teammates and stakeholders in San Francisco, Austin, or other global Cloudflare locations

1,001-5,000 employees

Web performance & security platform
Company Overview
Cloudflare's mission is to help build a better Internet. The company specializes in providing a content delivery network and DDoS mitigation services.
  • Competitive salaries
  • Take-what-you-need paid vacation policy
  • Comprehensive health plans and benefits
  • Paid maternity and paternity leave
  • Commuter and ride share options
  • Returnships
Company Core Values
  • Be curious to learn and grow
  • Communicate clearly, directly, and transparently
  • Do the right thing
  • Embrace diversity to make Cloudflare better
  • Get your work across the finish line
  • Lead with empathy and assume good intentions