Lead Security Risk Partner

4 days ago

Apply Now

Receive Emails with Similar Jobs

Klaviyo

WebsiteLinkedInAll Job Openings

Klaviyo is a unified customer platform for email, SMS, and more. Own your consumer data and interactions. #Klaviyo

Email Marketing • Ecommerce • Data Science • Analytics

1001 - 5000

💰 Secondary Market on 2022-09

Description

• Lead and execute new Risk program maturity projects that introduce more rigorous, streamlined, and automated approaches to risk management • Partner with other departments and teams to drive mutual understanding of security risks they own and how to prioritize managing those risks in support of Klaviyo’s goals • Create, tune, and operationalize business relevant security metrics (KPIs, KRIs, KCIs) that demonstrably improve security outcomes across Klaviyo • Review new products, product features, and internal business projects to guide teams toward secure paths forward and away from accruing new security debt • Collaboratively define and enable teams about security policies and standards that clearly establish Klaviyo’s risk tolerance bar

Requirements

• Experience doing security risk assessments, co-creating risk treatment strategies, and influencing risk treatment prioritization across diverse business units (Engineering, IT, Finance, Legal, etc.) • Thorough understanding of cloud-native web application architectures, security threats, and security best practices, especially in the context of AWS and Kubernetes • Experience using data visualization tools and SQL to build and operationalize security metrics (e.g. Apache Superset, Tableau, Domo, Amazon QuickSight) • Experience with scalable approaches to threat modeling, secure design reviews, and risk assessment methods that balance rigor and efficiency (e.g. Mozilla’s Rapid Risk Assessment) • Experience with security automation and process streamlining, ideally in the context of security risk management • A strong bias toward evidence, logic, math, and reason when communicating risk (instead of fear, uncertainty, and doubt) • A strong bias toward “guardrails, not gates” and “paved security roads” philosophies (instead of rigid “centralized command-and-control” thinking) • Excellent ability to plan, prioritize, and deliver results cross-functionally and in a timely fashion • Proficiency discussing complex, nuanced topics with technical & non-technical audiences alike, especially software engineering teams • Strong alignment with Klaviyo’s core values.

Benefits

• medical, dental and vision coverage • health savings accounts • flexible spending accounts • 401(k) • flexible paid time off • company-paid holidays • culture of learning that includes a learning allowance • access to a professional coaching service for all employees.