Security Third Party Risk Management Specialist III

Join Cloudflare as a Security Third Party Risk Management Specialist III, where you will play a crucial role in evaluating and managing risks associated with our third-party vendors. You will be responsible for conducting thorough risk assessments, identifying vulnerabilities, and implementing effective security strategies to ensure the safety and integrity of our operations.

At Anaplan, we are pioneers dedicated to enhancing business decision-making by leveraging our cutting-edge, AI-powered scenario planning and analysis platform. Our mission is to empower customers to surpass their competition and navigate the market effectively.What brings Anaplanners together—across various teams and locations—is our unwavering commitment to our customers’ success and our exceptional Winning Culture.Our clientele includes esteemed names such as Coca-Cola, LinkedIn, Adobe, LVMH, and Bayer, amongst over 2,400 global enterprises that trust our top-tier platform.Our Winning Culture is the driving force behind our innovative teams. We celebrate diverse perspectives and ideas, exhibit leadership qualities irrespective of titles, and are focused on achieving ambitious objectives, while reveling in our successes—both big and small.Guided by our principles of being strategy-led, values-based, and disciplined in execution, you will find inspiration, connection, development, and recognition here. Every unique contribution is valued; join us and let’s co-create the future!As our new Third Party Risk Analyst, you will be instrumental in safeguarding Anaplan by managing the risks associated with our third-party suppliers, reporting directly to our legal team. Your responsibilities will encompass the entire lifecycle of third-party risk management, including the identification, assessment, mitigation, and monitoring of risks to ensure our programs and business operations remain secure and resilient. This position demands a combination of analytical rigor, excellent communication skills, and the capability to collaborate across diverse teams.Your ImpactStrengthen Resilience: Play a vital role in enhancing Anaplan's security and resilience by creating and implementing a comprehensive third-party risk management framework.Drive Compliance: Ensure that all third-party relationships comply with company policies and adhere to regulatory guidelines and industry best practices.Enable the Business: Collaborate with business units to foster risk-aware decision-making, allowing them to engage effectively with suppliers while protecting the company.Enhance Visibility: Develop and manage reporting that delivers clear insights to leadership regarding third-party risk posture, trends, and key performance indicators (KPIs).Risk Assessment & Due DiligenceConduct thorough risk assessments of both new and existing vendors, with a focus on financial health...

Join dstaff as an Assurance Senior Associate in our Third Party Attestation Services team, where you will play a pivotal role in providing assurance services to a diverse range of clients. You will leverage your expertise to ensure compliance with regulatory standards, enhance client relationships, and contribute to the overall success of our assurance initiatives.

Fastly seeks a Security Risk Lead to guide efforts in managing and reducing security risks across the organization. This role partners with teams company-wide to develop and implement risk management strategies that safeguard Fastly’s systems and data. Role focus The Security Risk Lead works at the intersection of technology and policy, shaping approaches that strengthen the company’s security posture. Collaboration with multiple departments is central to identifying vulnerabilities and ensuring consistent risk mitigation. Key responsibilities Work with teams throughout Fastly to identify, assess, and address security risks Help design and execute risk management strategies Support efforts to maintain the security and integrity of company systems and data Locations Denver, CO New York City, NY San Francisco, CA

Join Grow Therapy as a Security Risk Program Lead where you will play a pivotal role in enhancing our security protocols and risk management strategies. We are seeking a passionate leader who is committed to safeguarding our operations and ensuring compliance with industry standards.You will oversee the development and implementation of security risk programs, identify potential threats, and collaborate with cross-functional teams to mitigate risks effectively. If you are driven by a desire to create a secure environment for our team and clients, we would love to hear from you!

Founded in 2007, Airbnb began with two hosts welcoming three guests into their San Francisco home and has since evolved into a thriving community of over 5 million hosts who have welcomed more than 2 billion guests across nearly every country worldwide. Our platform enables hosts to provide unique stays and experiences that foster authentic connections within communities.The Community You Will Join: As part of the Payment Risk Operations team, you will play a crucial role in safeguarding trust within our global marketplace. Our mission is simple yet impactful: to protect our community while preserving the magic of travel. We are dedicated to enhancing user satisfaction by developing thoughtful policies, intelligent rules, and innovative systems that improve the quality of every interaction on our platform.Your Contributions Will Include: As a Senior Risk Functional Specialist, you will oversee operational procedures and escalations related to stored value payment products (such as gift cards) and analyze performance metrics based on business and vendor feedback. Collaborating closely with operational stakeholders and cross-functional partners, you will drive changes to enhance our products and processes. Your decision-making skills will be instrumental in resolving a variety of complex challenges, and you will embody Airbnb's core values in all aspects of your work.Your impact will encompass:Transaction security across all Airbnb products and servicesRisk policy support to foster trust in our platformUser verification and onboarding experiences that harmonize security with seamless user journeysFraud detection systems that adapt to emerging threatsOperational excellence that enhances our customer interactions and experiences

The RoleAs the inaugural security leader at Candid Health, you will not merely oversee existing protocols but will be instrumental in constructing a robust team and innovative systems that ensure the safety of our customers and their patients. Collaborating closely with our Engineering and Product teams, you will enable rapid progress while upholding our commitment to data integrity.Key ResponsibilitiesBuild and Lead a Security Engineering Team: Recruit, hire, and manage a team of elite security engineers responsible for comprehensive Risk, Compliance, Threat Management, Product, and Application Security.Develop and Own the Security Roadmap: Spearhead the evolution from foundational security measures to a top-tier, enterprise-grade security organization.Lead Security Prioritization at an Executive Level: Serve as the subject matter expert, guiding the prioritization of security initiatives, assessing risks, and advising on strategies for mitigation in collaboration with our executive leadership.Champion Trust and Transparency: Oversee and drive compliance efforts related to HIPAA, SOC2, SOC1, PCI, and HITRUST, ensuring that security practices are not only compliant but integrated into daily operations. You will often represent the technical voice in discussions with our largest enterprise clients.Promote Security Culture: Educate and empower our workforce of 200 employees. Collaborate with various teams to foster a culture of security-first and compliance throughout the organization.Manage Vendor Relationships: Coordinate with third-party vendors for services such as penetration testing, ensuring our platforms are regularly evaluated and fortified, and assess vendor security prior to integration.

Join SoFi as a Security Product Lead specializing in Threat Intelligence and Insider Risk. In this pivotal role, you will spearhead initiatives that enhance our security posture and protect our assets from internal and external threats. You will collaborate with cross-functional teams to develop and implement innovative security solutions, ensuring the safety and integrity of our operations.

Join dstaff as a Technical Risk Governance Specialist in beautiful San Francisco, California! We are seeking a motivated professional to oversee and enhance our risk governance framework. You will play a crucial role in developing policies, procedures, and controls to manage technical risks effectively.

About DelveDelve is dedicated to transforming the compliance landscape, eliminating tedious manual tasks and creating seamless, automated partnerships. Our innovative solutions are trusted by over 450 rapidly expanding companies, including Lovable, 11x, and WisprFlow, enabling them to save countless hours while ensuring secure growth. With backing from prominent investors such as Insight Partners, General Catalyst, and Y Combinator, our team boasts a rich diversity of talent, including former founders, Olympiad medalists, and engineers from prestigious institutions like OpenAI, Stanford, MIT, and Berkeley.About the RoleIn the role of Senior GRC Specialist, you will serve as the primary advisor to our internal teams and customers. Your extensive knowledge of compliance frameworks will be key in guiding clients through their compliance journeys. You will closely collaborate with Sales, Customer Success, Product, and Engineering teams to translate compliance requirements into impactful solutions. This position is available for candidates located in the San Francisco Bay Area or those who prefer to work fully remotely from anywhere in the U.S.With a recent $32M Series A funding round, we are poised for rapid growth!Key ResponsibilitiesCustomer Advisory & Enablement: Conduct consultative calls and workshops to distill complex compliance standards such as SOC 2, ISO 27001, HIPAA, GDPR, HITRUST, FedRAMP, and FDA CFR into actionable strategies.Framework Expertise: Act as the Subject Matter Expert on various cybersecurity frameworks, addressing customer inquiries, assessing control implementations, and resolving audit challenges.Cross-Functional Collaboration: Partner closely with Product and Engineering teams to integrate audit readiness and customer insights into our platform’s core structure.Sales & Customer Success Support: Equip Sales and Customer Success teams with essential resources, including talking points and battlecards, to ensure confidence during customer interactions.Policy & Controls: Lead the development, documentation, and ongoing enhancement of our internal compliance framework as well as customer-oriented best practices.Audit Preparedness: Organize readiness assessments and manage evidence collection to guarantee that both Delve and our customers are always audit-ready.QualificationsProven experience in governance, risk management, and compliance, particularly with frameworks such as SOC 2, ISO 27001, HIPAA, and GDPR.Strong communication skills and the ability to engage effectively with clients and internal teams.Demonstrated ability to work collaboratively across different functions to achieve common goals.Experience in conducting workshops and training sessions.Bachelor's degree in a relevant field or equivalent experience.

As the Enterprise Risk Management Lead at Gusto, you will play a pivotal role in shaping our risk management strategy. You will be responsible for identifying, assessing, and mitigating risks across our organization, ensuring that we maintain a secure and compliant operational environment. Collaborating with cross-functional teams, you will develop and implement risk management frameworks that align with our business goals and regulatory requirements.

Waymo is at the forefront of autonomous driving technology, committed to becoming the world's most reliable driver. Originating from the Google Self-Driving Car Project in 2009, our focus has been on creating the Waymo Driver—The World’s Most Experienced Driver™—to enhance mobility access and save countless lives lost in traffic accidents. The Waymo Driver powers our fully autonomous ride-hail service and is adaptable across various vehicle platforms and applications. With over ten million rider-only trips completed, our driver has autonomously traversed more than 100 million miles on public roads and tens of billions in simulation across over 15 U.S. states.In the role of Insurance Risk Manager at Waymo, you will be at the cutting edge of identifying and managing emerging risks associated with our revolutionary autonomous driving technology. Collaborating closely with our legal, public policy, safety, security, and privacy experts, you will evaluate insurance trends and assess product liability, automotive, cyber, and related risks. Your insights will help us establish robust risk and insurance frameworks that safeguard our users globally. You will work alongside our business development, product partnership, strategy, and operations teams to ensure our company’s interests are shielded from existing and forthcoming risks. Additionally, you will support our legal and policy teams in aligning our exposure with our risk appetite through contract reviews and the assessment of emerging laws and regulations at both state and federal levels. By maintaining strong relationships with insurance and AV industry partners, you will actively anticipate, quantify, and mitigate emerging risks.This is a hybrid position reporting to the Head of Insurance Infrastructure.

Join dstaff as a Technical Risk Governance Specialist in the vibrant city of San Francisco! We are looking for a dedicated individual to help manage and mitigate technical risks within our organization. As part of our team, you will play a crucial role in ensuring that our technology systems are secure, compliant, and aligned with industry best practices.

Earnest is dedicated to empowering ambitious individuals to make informed financial decisions and create the lives they aspire to lead.Our team, known as Earnies, is passionate about providing borrowers with smarter borrowing solutions that offer a clearer path toward financial empowerment. If you share our enthusiasm for this mission, we invite you to explore the details below and join us in building something exceptional.The Senior Model Risk Manager will report directly to the Head of Credit Risk.In this role, you will:Take ownership of and enhance Earnest’s Model Risk Management framework, ensuring that our credit, loss forecasting, fraud, marketing, and finance models are robust, transparent, and scalable.Conduct independent end-to-end model validations, from conceptual soundness and data quality to performance monitoring and implementation review, providing constructive feedback to modeling teams.Collaborate closely with Data Science and Risk leaders early in the model design process to refine assumptions, enhance methodologies, and uplift modeling standards throughout the organization.Supervise model performance monitoring and proactively identify emerging risks, performance drift, or control deficiencies, ensuring timely and effective remediation.Produce clear, decision-ready validation reports and effectively communicate technical findings to drive impactful business outcomes and sound risk management decisions.Act as a trusted advisor on model governance, enabling Earnest to operate swiftly while maintaining the necessary discipline and controls of a leading lending platform.

About the TeamThe IT Risk team within Financial Risk Management (FRM) plays a pivotal role in overseeing technology risks across OpenAI’s engineering and infrastructure systems. These systems are essential for managing usage, monetization, and critical operations, encompassing everything from data generation and processing to pricing and billing logic. The team collaborates closely with Engineering, Product, and Finance, ensuring data integrity and control mechanisms are robustly defined, promoting reliable system performance under both normal and adverse conditions.About the RoleIn the capacity of Senior Manager, you will spearhead technology risk management across engineering-led systems. Your focus will be on ensuring the production, flow, and control of system-generated data is optimized for accuracy, completeness, and reliability. You will engage directly with Engineering and Product teams to influence system architecture, establish clear data ownership, and foster system dependability, eliminating the need for manual adjustments or post-issue fixes. We are eager to find individuals who thrive at the intersection of engineering and risk management, possess insights into systemic failures, and can translate these insights into effective control frameworks and operational expectations.This position is based in San Francisco, CA, following a hybrid work model of three days in-office each week, with relocation assistance available.Key Responsibilities:Define control expectations for systems that generate usage, monetization, and critical outputs.Identify potential failure points within engineering and infrastructure systems, ensuring appropriate controls are in place.Critique system designs that may introduce significant risks to data accuracy or system functionality.Establish clear accountability for data integrity across various systems and teams.Ensure systems yield complete and accurate outputs without the need for manual reconciliation.Lead efforts to address systemic risks comprehensively, beyond mere documentation.Ideal Candidate Profile:Extensive experience with engineering-driven systems, including infrastructure platforms and usage-based or monetization systems.Strong understanding of the intersection between engineering practices and risk management.Proven track record of influencing system design for improved risk mitigation.

We are seeking a dedicated Risk Management Analyst to join our team at Integrated Resources Inc. in the vibrant city of San Francisco. In this role, you will play a crucial part in identifying, analyzing, and mitigating risks that could impact our operations and objectives. You will utilize your analytical skills to assess risk exposure and develop strategies to minimize potential losses.

CoreWeave specializes in cloud infrastructure for artificial intelligence, serving a range of clients from AI research labs to global enterprises. The company is listed on Nasdaq as CRWV. More information is available at www.coreweave.com. Role overview The Senior Data Center Security Site Evaluation Program Manager plays a key role in evaluating and managing security risks when selecting new data center sites. This position reports directly to the Senior Manager of Data Center Risk and Assurance. What you will do Lead security risk assessments for potential data center locations. Collaborate with Site Selection, Legal, and Security Design teams to ensure each site meets CoreWeave’s security and contractual requirements. Collaboration This role works closely with multiple internal teams to maintain high security standards during the expansion of CoreWeave’s data center footprint.

Join our innovative team at Cardless as a Credit Risk Strategy Manager/Senior Manager, where you will play a crucial role in shaping our credit risk strategies. In this position, you will be responsible for analyzing data, developing risk models, and implementing strategies that ensure sustainable growth while maintaining a robust risk framework.

Role Overview Hex Technologies is hiring a Security GRC Manager to build and lead our security and privacy compliance programs. This position shapes the framework that keeps Hex aligned with regulatory, customer, and industry standards. The scope includes SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other evolving compliance needs important to our clients. What You Will Do Design, implement, and scale security and privacy compliance systems from the ground up as Hex’s first GRC hire Develop processes and foster a culture that prioritizes integrity, customer trust, and ongoing audit readiness Work closely with engineering, business operations, and go-to-market teams to embed GRC best practices throughout the company Use automation and proactive risk management to streamline compliance efforts Communicate transparently about security and compliance with both internal teams and external stakeholders Balance strategic planning (long-term program roadmaps) with hands-on tasks, such as leading audits, conducting risk assessments, and responding to customer security questions Translate technical product knowledge into clear compliance documentation and trust-building materials for clients Location This role can be based in San Francisco, New York City, or remote within the United States.

Join Mercury as a Compliance Risk Manager within our Banking Advisory team, where your expertise will guide financial institutions in navigating complex regulatory landscapes. You will work collaboratively with clients to develop compliance strategies, assess risks, and implement effective controls to mitigate potential issues.Your role will involve analyzing compliance frameworks, conducting risk assessments, and providing actionable insights to enhance the client’s operational integrity. As a key member of our team, you will also stay abreast of evolving regulations and industry trends, ensuring our advisory services remain relevant and impactful.