We're looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you're a high performer who's an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.
Alteryx is searching for a Senior Analyst, Information Security GRC Business Continuity, to work remotely in the USA or in our Irvine or Redwood City office.
Alteryx is looking for a dynamic and results driven individual to work within the Information Security Governance, Risk and Compliance (GRC) function. A successful candidate in this role will be able to engage, inform, and get buy-in from leaders across the firm and work with them or their delegates to mature and develop business continuity plans and conduct periodic impact assessments. The ability to understand and represent the needs of business partners in time-sensitive situations while reinforcing established policies and procedures is also a highly visible part of overall job success.
- Support the business continuity management (BCM) program, including performing a business impact analysis (BIA), developing and testing business continuity plans (BCP), coordinating with IT on disaster recovery planning and updating crisis management plans (CMP)
- Assist in the planning, execution, and follow up of department and enterprise continuity tests
- Research, document, and manage action items and after-action reports related to live or planned incidents
- Be a Security and Compliance Champion that promotes and evangelizes awareness of different security and compliance risks and best practices across the company
- Regularly liaison with critical internal partners including but not limited to Legal, HR, and Internal Audit to secure buy-in and ensure consistency in programs and initiatives
- Support the Security Sales Enablement team with responding to client questionnaires and assist with the periodic validation and updating of items in the answer repository
- Assist with risk assessments-including third party vendor assessments, and manage associated security risk remediation activities
- Conduct control and risk assessments of technical operating environments and third party. Identify, document, and manage gaps related to security and compliance and other tasks to support ensuring Alteryx's underlying data and information security processes, infrastructure and measures are fit for purpose and scaled to deliver an appropriate level of protection.
- Review regulatory requirements, external policies or standards related to Information Security, and conduct gap analysis to internal security policies and requirements. Ensure compliance with regulatory compliance and certification programs (e.g., ISO 27001, SOC II, NIST CSF, FIPS, FedRAMP)
- Collaborate with cross-functional teams to ensure security related controls are documented and managed
- Serve as a subject matter expert on internal controls and security, and collaborate with Product Strategy and Development on product enhancements, features and security capabilities
- Provide consultative support for users in implementation or conversion of security risks
- Initiate new security projects and identify ways to improve internal security processes and operations while mitigating security related risk
- Ensuring compliance with the established key metrics that measure data security standards, the ISO standards/certification and provide evidence of compliance for internal and external audits.
- Alteryx Designer Core certification or a minimum of five (5) years experience writing SQL in an enterprise setting
- Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
- Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives within multiple departments
- Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
- Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
- Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
- Follows policies and procedures; completes tasks correctly and on time; supports the company's goals and values.
- A comprehension of security standards and frameworks, rules and regulations, and system trust principals, such as ISO, NIST, OWASP, SANS Top 20, PCI-DSS, SOX-404, CSA Star, ITIL, and SOC2.
- The ability to discern patterns from large amounts of disparate information while remaining adaptable in rapidly changing situations and environments.
- Ability to make informal and formal presentations, inside and outside the organization; speaking before assigned team or other groups as needed.
- Ability to deal with complex challenges involving multiple facets and variables in non-standardized situations. Capability to work with little to no supervision while performing duties.
- Bachelor's Degree in Information Technology, Mathematics, Business, or Engineering with a minimum of three (3) years' progressive information security GRC experience is preferred
- Base understanding of Security Methodologies required.
- Possible certification requirements include: Certified Information Systems Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC)
Alteryx is committed to fair and equitable compensation practices. The salary range for this role in Irvine, CA is $111,900-190,200. This position is also remote-friendly and, as such, compensation will ultimately be in line with the location in which the position is filled. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location.
This role is eligible for variable compensation including bonus and stock grants.
Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we're invested in building teams with a wide variety of backgrounds, identities, and experiences.Benefits & Perks:
Alteryx has amazing benefits for all Associates which can be viewed here.
This job has expired.