Manager, Information Security Risk Management

  • R5625
  • Arlington, VA, United States

About the Team

Rapid7’s Trust & Security Governance team functions within the Information Security department and plays a crucial role in supporting the organization’s mission. We ensure we meet our duty of care to our customers, employees, and shareholders by creating effective governance for upholding internal security policies, identifying and managing security risk, distributing foundational security expertise across every department to create an exceptional security culture, and bolstering customer and community trust by providing accessible and transparent information about our internal security program. This role partners closely with other InfoSec teams, Legal, Procurement, and many other teams at Rapid7.

About the Role

We’re looking for an Information Security Risk Manager to lead the development and implementation of consistent information security risk management practices and to partner closely with stakeholders throughout the organization to drive continued awareness and improvement.

In this role, you will:

  • Manage and enhance the information security risk management program, including participation in broader enterprise risk management, vulnerability management, and third-party risk management activities

  • Manage and maintain the Trust and Security Governance Integrated Risk Management framework that guides and informs risk-based decisions, including how risk is defined, assessed, responded to, and monitored over time

  • Partner closely with the Information Security Governance Manager to ensure that the information security risk management strategy keeps pace with evolving global standards, guidelines, regulations, and customer expectations

  • Establish security risk management procedures that enable the Trust and Security Governance Integrated Risk Management framework, including third-party risk and vulnerability management activities

  • Enhance and manage the information security risk assessment process against our infrastructure, products, and suppliers

  • Partner with appropriate teams to craft and report the annual security risk assessment

  • Establish key metrics and partner with various stakeholders to ensure appropriate plans are in place to mitigate identified risks and vulnerabilities

  • Provide oversight to ensure information security risk management activities are documented and consistently performed

  • Work with the Security PMO to ensure projects are properly scoped, tracked, communicated, and completed in an effective and efficient manner

  • Manage and develop a team of individual direct reports

The skills you’ll bring include:

  • Demonstrated experience with security audits, security control assessments, risk assessments, and/or compliance program management

  • Demonstrated experience creating and documenting risk methodologies, maintaining risk registers, performing risk assessments, and driving risk mitigation projects

  • Experience leading or partnering with third-party risk and vulnerability management programs

  • Demonstrated experience with security standards/frameworks such as ISO 27001, SOC 2, PCI, FedRAMP, NIST CSF, etc.

  • Experience managing, developing, and growing diverse teams

  • Demonstrated experience with executing program initiatives through a distributed team of analysts

  • Experience developing and driving continuous program improvement

  • Excellent communication skills, including the ability to communicate security and risk-related concepts to technical and nontechnical audiences

  • Excellent time management and prioritization skills with a proven ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Effective negotiating, critical thinking and problem-solving skills, including the ability to optimize risk mitigation approaches across diverse business units

We know that the best ideas and solutions come from multi-dimensional teams that reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7


Rapid7 (NASDAQ: RPD) helps organizations across the globe protect what matters most so innovation can thrive in an increasingly connected world. Our comprehensive technology, services, and community-focused research simplify the complex for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, be in 10 places at once, and shut down attacks. We’re on a mission to make security solutions easier to use and access so we can bring safety and resilience to more people.

With more than 10,000 customers across 140+ countries, Rapid7 is a leader in cybersecurity that has earned numerous industry accolades and recognition for our technology and culture.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
