Senior Technical Risk Analyst (Information Security)
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
We offer the chance to be part of a meaningful mission: ending breaches and protecting our way of digital life. If you are motivated, intelligent, creative, and carry a strong passion for security, then this job is for you!We are seeking a Senior Technical Risk Analyst , Risk Governance to join the Governance, Risk & Compliance (GRC) function of our Information Security team. You will join a team of experienced, out-of-the-box thinkers and create programs that deliver real security results. Your primary focus will be to reduce overall technology risks and mature Information Security Risk Management programs.
- Drive accountability for risk remediation (technical and operational risks) with internal customers (Engineering, DevOps, IT, Information Security)
- Build and cultivate positive working relationships with internal customers (Engineering, DevOps, IT, Information Security)
- Advise stakeholders on operationalization of critical foundational programs such as configuration management, patch management and vulnerability management
- Maintain and improve the risk register and associated risk management and remediation processes
- Evolve and support risk reporting to all levels of the organization (i.e. Executive, Management, SME)
- Quickly understand and document cloud and internal technology environments/systems, data flows and associated security controls
- Work closely with Information Security Architecture, Engineering and relevant operational teams to author and establish relevant technical or procedural standards
- Contribute to Governance, Risk Management and Compliance programs, as needed
- 10+ years of information technology and/or information security governance and risk experience
- Demonstrated knowledge of a broad range of technical concepts: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy
- Experience with security best practices and standards (SANS, OWASP, CIS, ISO 27001, SOC2)
- Strong knowledge of quantitative vulnerability scoring standards such as CVSS, OCTAVE, etc
- Experience working in-house with remediation owners (not consultants that design/implement and then leave for the next client/project). Looking for evidence of ability to build and foster positive, long-term relationships with internal stakeholders outside of InfoSec
- Bachelor's degree from four-year college or university; or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc.
We’re not your ordinary Information Security team. We’re a diverse group of security professionals that accepts challenging the status quo in order to protect Palo Alto Networks and our customers.
Driving innovation on the Information Security team of the fastest-growing high-tech cybersecurity company is a once in a lifetime opportunity. You’ll be joined by the brightest minds in technology, and our global teams are on the front line of defense against cyberattacks.
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at email@example.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.