A
Posted 2 days ago
Security Risk Manager
AsanaSecurity Risk Manager
Perks & benefits
Education AllowanceHealth InsuranceFamily Medical InsurancePaid Leave
Requirements
7+ years information security experience, GRC expertise, Quantitative risk methodologies (FAIR), Automation and scripting skills, Knowledge of NIST, ISO 27001, SOC 2, FedRAMP, Cloud and SaaS architecture understanding
Skills
GRCNISTrisk management
About the role
Responsibilities
- Own Asana's security risk management program by designing and maturing a quantitative risk framework
- Build and maintain a living risk register, developing KRIs and driving accountability for remediation
- Automate risk identification and monitoring by implementing data pipelines and integrations with security tooling
- Deliver quantitative risk reporting through executive-level dashboards communicating probability and impact
- Partner cross-functionally with Legal, Privacy, Finance, and Engineering to influence security investment
Requirements
- 7+ years of experience in information security with a focus on security risk management and GRC
- Demonstrated experience building or leading a security risk management program
- Hands-on experience with quantitative risk methodologies such as FAIR or statistical risk analysis
- Experience scripting or building automation to integrate security tooling and data pipelines
- Deep knowledge of security frameworks including NIST CSF, ISO 27001, SOC 2, and FedRAMP
- Strong understanding of cloud environments and SaaS architecture
- Excellent communication skills for translating technical risk to C-suite stakeholders
About the Company
Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSecurity Risk Manager
Asana · San Francisco
