Full-Time

Sr. GRC Specialist

Security Risk Management

Posted on 7/12/2024

HashiCorp

HashiCorp

1,001-5,000 employees

Cloud infrastructure and security management solutions

Compensation Overview

$152.3k - $215k/yr

Senior, Expert

Remote in USA

Category
Cybersecurity
IT & Security
Required Skills
Communications
Management
AWS
Requirements
  • 6+ years of experience in risk management, with at least 3 in security risk management
  • Strong understanding of cloud, preferably AWS
  • Considerable hands-on experience with one or more risk management framework or standard (e.g., FAIR, ISO 31000 and 27005, RMF, etc)
  • Ability to ask the right questions and understand complex technical topics
  • Strong understanding of current cyber security threats and TTPs
  • Excellent written and verbal communication
  • Ability to prioritize and track multiple projects in parallel
  • Highly responsive and collaborative
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
Responsibilities
  • Help define and mature the internal and vendor security risk framework, program and processes
  • Help define, standardize, and educate stakeholders on risk taxonomy and nomenclature
  • Help define and continually improve risk scoring methodologies
  • Perform and facilitate internal and vendor security risk assessments
  • Review new risk submissions and facilitate its progress through the risk management process
  • Track progress against, follow up and report on risk treatment efforts
  • Maintain the security risk register
  • Track and report on risks to stakeholders across the company
  • Track and report on trends in security risk and threats
  • Define, track and report on KRIs
  • Help develop the HashiCorp Common Controls Framework
  • Help develop and contribute to quarterly and annual planning for the risk program
  • Track execution against OKRs and the risk program roadmap
  • Assist with other GRC activities as needed, including external security audits and other tasks as required

HashiCorp specializes in cloud infrastructure and security management, helping organizations automate and manage their operations across multiple cloud platforms and on-premises data centers. Its tools enable businesses to efficiently set up, maintain, and secure their cloud resources while ensuring compliance with regulations. HashiCorp serves a wide range of clients, from large enterprises to startups, addressing the challenges of high cloud costs and the shortage of skilled professionals by providing solutions for optimizing cloud spending and managing infrastructure effectively. The company offers both open-source and enterprise versions of its products, allowing it to build a large user base and convert some users into paying customers. HashiCorp generates revenue through subscriptions to its enterprise products, support services, and training programs, positioning itself as a significant player in the growing cloud infrastructure and security sector.

Company Size

1,001-5,000

Company Stage

IPO

Headquarters

San Francisco, California

Founded

2012

Simplify Jobs

Simplify's Take

What believers are saying

  • IBM's acquisition enhances HashiCorp's capabilities in hybrid cloud and AI-driven infrastructure.
  • Vault Enterprise 1.19's post-quantum features attract clients focused on future-proof security.
  • Growing demand for Infrastructure as Code tools boosts HashiCorp's market potential.

What critics are saying

  • Developer unrest over licensing changes may reduce support for open-source tools.
  • CMA's investigation into IBM's acquisition could delay strategic initiatives.
  • Technical challenges in integrating with IBM's platforms may affect product performance.

What makes HashiCorp unique

  • HashiCorp excels in multi-cloud and hybrid environment management with Terraform and Vault.
  • The company offers both open-source and enterprise solutions, catering to diverse client needs.
  • HashiCorp's tools are integral for lifecycle management and cost optimization in cloud infrastructure.

Help us improve and share your feedback! Did you find this helpful?

Benefits

Medical, dental & vision

Life & disability insurance

Flexible spending account (FSA)

Vacation and Other Leaves

401(k)

Family Expansion Benefit

Maternity and Parental Leave

Expanded Mental Health Support

Growth & Insights and Company News

Headcount

6 month growth

0%

1 year growth

0%

2 year growth

-1%
HK Silicon
Mar 7th, 2025
IBM Acquires HashiCorp for $6.4B

IBM has completed its acquisition of HashiCorp for $6.4 billion, paying $35 per share in cash for all outstanding shares. This acquisition aims to enhance IBM's hybrid cloud platform by integrating HashiCorp's automation and security capabilities. The collaboration will support cloud infrastructure management and innovation, leveraging products like Terraform and Vault. The move aligns with IBM's strategy to optimize IT automation and expand its influence in hybrid cloud environments.

Hawk Dive
Mar 6th, 2025
Vault Enterprise 1.19 enhances security with encryption and root automation

Recognizing the need for robust protection, HashiCorp has released Vault Enterprise 1.19, a comprehensive upgrade aimed at enhancing security workflows, integrating post-quantum computing features, and offering long-term support.

SiliconANGLE
Feb 27th, 2025
IBM Acquires HashiCorp for $6.4B

IBM has completed its acquisition of HashiCorp for $6.4 billion following regulatory approvals from the U.S. FTC and the U.K.'s CMA. The integration will focus on combining HashiCorp's Terraform with IBM's Ansible for enhanced infrastructure automation. HashiCorp's Vault will also integrate with IBM's OpenShift and Guardium. The acquisition is expected to boost IBM's earnings and free cash flow within two years. HashiCorp recently reported $11 million in adjusted operating income on $173.4 million in revenue.

Investing.com
Feb 19th, 2025
HashiCorp stock soars to 52-week high, reaching $34.48

In merger news, HashiCorp is set to merge with IBM (NYSE:IBM) for $35.00 per share in cash, with the transaction expected to close in the first quarter of 2025, pending closing conditions.

36Kr
Jan 21st, 2025
IBM's HashiCorp Acquisition Under Review

36Kr reports that the Australian regulator has begun reviewing IBM's acquisition of software company HashiCorp. Meanwhile, a report from Guosheng Securities suggests that monetary easing remains a major trend, with expectations of interest rate cuts of around 40 basis points and reserve requirement ratio cuts of 50-100 basis points by 2025. Despite recent setbacks, the overall policy outlook remains positive, with improved US-China relations adding to the optimism.

INACTIVE