Sr. Security Risk Manager
Security and Compliance | Seattle, WA, United StatesApply Now!
Avalara, Inc., (www.Avalara.com), is the leading provider of cloud-based software that delivers a broad array of compliance solutions related to sales tax and other transactional taxes.
What is it like to work at Avalara? Come find out! We are committed to the following success traits that embody our culture and how we work together to accomplish great things: Fun. Passion. Adaptability. Urgency. Simplicity. Curiosity. Humility. Ownership. Optimism.
We are building cloud-based tax compliance solutions to handle every transaction in the world. Imagine every transaction you make - every tank of gas, cup of coffee, or pair of sneakers, every movie ticket, or streamed song, every sensor-to-sensor ping. Nearly every time you make a purchase, physical or digital, there is an accompanying unique and nuanced tax compliance calculation.
We are seeking a highly motivated, experienced Sr. Security Risk Analyst to join our team.
Manage Avalara's security risk management framework, including identification of new and emerging risks
Participate in corporate-level risk management activities, representing the security organization
Maintain and monitor the security governance exception process
Maintain and monitor the security risk register (includes operational risks)
Identify risks by role, software, information type, and other categories and help develop acceptable mitigation strategies
Perform risk assessments, draft reports detailing methodology, results, and remediation plans
Maintain a prioritized roadmap to address gaps and improve practices
Coordinate quarterly risk review meetings
Coordinate with service owners to assess risks and align controls across platforms
Evaluate known issues and partner to identify root causes and solutions
Communicate risk posture to leadership and stakeholders consistently
Develop and maintain a dashboard of key risk indicators
Bachelor's degree in Computer Science, or equivalent experience
5+ years of risk management experience, in FinTech or SaaS environment preferred
3+ years of work experience in IT Audit, IT Security, or IT Risk Management
Understanding of risk concepts, including risk identification, evaluation, mitigation, and measurement
Multidisciplinary experience in risk, compliance, and program management
Understanding of business continuity, disaster recovery, vendor risk management, data privacy, security compliance subject areas
Working knowledge and experience with security standards and frameworks (NIST, ISO, PCI, SOC, etc.)
Skilled in business risk analysis and making technical trade-offs between short versus long-term security and business goals
Self-starter, self-motivated, pro-active, and able to handle concurrent activities
Experience working cross-functionally and globally, managing complex programs
Strong organizational and planning skills
Excellent verbal and written communication skills
Experience aggregating data to build reports and dashboards using tools such as Power B.I.
High-level understanding of cloud platforms (AWS)
Proven ability to take ownership and deliver results in highly ambiguous environments
CISSP, CISA, CISM, or other security certifications
Avalara helps businesses of all sizes achieve compliance with transactional taxes, including VAT, sales and use, excise, communications, and other tax types. We deliver comprehensive, automated, cloud-based solutions that are fast, accurate, and easy to use.
Avalara offers hundreds of pre-built connectors into leading accounting, ERP, ecommerce and other business applications. Each year, the company processes billions of tax transactions for customers and users, files hundreds of thousands of tax compliance documents and tax returns and manages millions of exemption certificates and other compliance related documents.
Avalara’s headquarters are in Seattle, WA and it has offices across the U.S. and in Brighton and London, England; Brussels, Belgium; and Pune, India. More information at: www.avalara.com
Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law.