Sr. Manager, Information Security

Overview

About Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We needed a new perimeter built in the cloud that follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees across offices in Santa Clara, St.

Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we promote partnerships, collaboration, and teamwork through open desks, large meeting spaces, catered lunches, and employee events. Visit us at Netskope Careers. Follow us on Linked In and Twitter @Netskope.

About the position: Based in St. Louis, this role is a member of the Global Information Security (GIS) team responsible for information security  Information Security Manager, Governance Risk and Compliance (GRC) will be a key member and manager of the GRC team, collaborating with the business on GRC activities, administering GRC solutions, managing external and internal auditing, managing the Cyber Risk Management Program (including third-party vendor risk management), and ensuring compliance objectives are achieved across the organization.

• Managerial responsibilities for all GRC team members including staffing, performance assessment, career path planning, training, and coaching/mentoring
• Evaluate design and operating effectiveness of controls
• Monitor, measure, and test core business processes against internal policies and procedures
• Validate test procedures against controls, identify issues, perform root cause analysis and assess impact
• Document results following compliance frameworks to reach conclusions
• Deliver value by providing recommendations and improvements around processes and/or controls to business partners
• Effectively communicate and report plans, status, issues, risks, and requirements to all levels of stakeholders
• Develop and manage Metrics and Measures Programs
• Provide training and coaching for Analysts, Engineers, and business partners
• Stay up-to-date on industry and regulatory changes
• Assist in enterprise-wide risk analysis in tandem with compliance and internal audit
• Assist in developing and managing the Cyber Risk Management Program and related tasks
• Support customer risk assessments, audits, and evidence collection
• Contribute to security procedures and requirements documentation
• Assist in the development and maintenance of Information Security control mappings to defined frameworks

• 7+ years in an information security GRC role (testing, monitoring, assurance within compliance, audit and operations) with at least
• 3+ years in a management or team lead role
• Strong people skills with the ability to partner effectively and influence change with stakeholders across the organization
• Strong knowledge of information security governance, risk, and IT controls compliance programs
• Strong understanding of cybersecurity, networking, system and cloud technologies
• Strong experience with testing and monitoring manual and automated controls
• Experience conducting risk assessments and knowledge of current industry practice for risk assessment methodologies and tools (e.g., FEDRAMP, NIST, ISO)
• Relevant qualifications/certifications such as CISSP, CISM, CISA or ISO 27001 Lead Auditor/Implementer equivalent
• US Citizenship

• Experience in performing risk assessments
• Experience in third-party (vendor) risk management
• Knowledge and experience in managing GRC tools
• Highly analytical with the ability to present analysis
• Strong written and verbal communication
• Experience in maintaining metrics and measures
• Experience in supporting customer audits
• Experience working with software engineering teams in an agile/dynamic environment
• General understanding of multiple/global compliance frameworks such as ISO 27001, FedRAMP, SSAE-18 SOC2, CSA STAR, Security Control Framework, HIPAA, PCI-DSS, etc.

Bachelor degree preferred.

At Netskope, salary is one component of our total rewards package. The salary range for this position is $103,000—$209,500 USD. This is a national range and applies to candidates in certain states; starting pay will be determined based on job-related skills, experience, location, and market conditions. For all sales roles, the posted salary range reflects On Target Earnings (OTE). In addition to salary, candidates may be eligible for bonuses, stock awards, health plans, and other benefits reviewed at Netskope Benefits site.

Salary Range: $103,000—$209,500 USD

Netskope is committed to equal employment opportunities for all employees and applicants. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran status, age, national origin, ancestry, disability, medical condition, sexual orientation,…