Flexera saves customers billions of dollars in wasted technology spend. A pioneer in Hybrid ITAM and FinOps, Flexera provides award-winning, data-oriented SaaS solutions for technology value optimization (TVO), enabling IT, finance, procurement and cloud teams to gain deep insights into cost optimization, compliance and risks for each business service. Flexera One solutions are built on a set of definitive customer, supplier and industry data, powered by our Technology Intelligence Platform, that enables organizations to visualize their Enterprise Technology Blueprint™ in hybrid environments—from on-premises to SaaS to containers to cloud.We’re transforming the software industry. We’re Flexera. With
more than 50,000 customers
across the world, we’re achieving that goal. But we know we can’t do any of that without our team. Ready to help us re-imagine the industry during a time of substantial growth and ambitious plans? Come and see why
we’re consistently recognized by Gartner, Forrester and IDC
as a category leader in the marketplace. Learn more at
flexera.com
About Flexera
Flexera delivers industry-leading technology value optimization solutions that enable you to inform your IT so you can transform your IT. From on-premises to the cloud, you get the IT asset data you need to right size, reallocate spend, reduce risk and maximize ROI. Our innovative technology has consistently positioned us as a Leader in the marketplace - recognized by Forrester, Gartner and IDC for the breadth and depth of our solutions.The Cybersecurity-Governance, Risk and Compliance Analyst will work very closely with the GRC Manager to oversee our ISO 27001 and SOC 2 Type II certifications and evaluate additional security frameworks. This role will also take part in addressing customer assessment questionnaires and audits, both pre/post-sales.Mandatory Skills:
- Work together with GRC Manager to Manage and sustain the company's multiple security certifications.
- Continuously review the ISO 27001 Information Security Management System to ensure compliance and annual recertification eligibility.
- Conduct risk assessments, maintain the risk register, report on risk, and work with various internal teams to mitigate risks across the organization.
- Proactively identify areas for improvement within the security program and lead efforts to address and remediate these areas.
- Manage the company’s vendor risk management program.
- Ensure organizational readiness for external audits.
- Manage pre- and post-sales customer assessment questionnaires and customer audits.
- Maintain comprehensive information security documentation, including policies, procedures, standards, guidelines, and diagrams.
- Recommend and implement policy and procedure changes in response to evolving security landscapes.
- Collaborate with various teams to integrate compliance and risk management processes into daily operations.
- Understand the role of systems and technology within the firm and their value to the business.
- Work with IT and business units to implement effective cybersecurity measures and integrate security practices into business processes.
- Assisting with data governance activities, producing data flow diagrams, and guiding information rights management/protection.
- Market the security program externally putting together collateral to speak to the robustness of the program.
Experience & Qualifications
- Computer Science Degree or substantial equivalent experience
- Experience with implementing and maintaining ISO 27001 program
- Experience with Third Party Security Assessment
- Experience with Customer Questionnaire and assessments
- Relevant industry certifications
- Experience working with IT and Security leadership to define & articulate security strategies and program plans.
Overall IT/Security Experience: 4 years
Role Specific Experience: 2 yearsWho You Are…Only those that possess the below qualities should apply, maintaining the status quo is not good enough, we are a team of people who are never done, we always strive to improve.Team Collaborator: Work across internal and external teams of all levels to proactively support the businessOutcome driven: Pursue impactful initiatives that move the needle on SOC operational effectivenessEffective Communicator: Delivers complex information in a confident and convincing manner, appropriate to a diverse audience.Inquisitive: A propensity to find out why something is the way it is, look under the covers, see if it can be improved.Analytical: Gather data from multiple sources, find areas of weakness or risk and come up with solutionsFlexera is proud to be an equal opportunity employer. Qualified applicants will be considered for open roles regardless of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by local/national laws, policies and/or regulations. Flexera understands the value that results from employing a diverse, equitable, and inclusive workforce. We recognize that equity necessitates acknowledging past exclusion and that inclusion requires intentional effort. Our DEI (Diversity, Equity, and Inclusion) council is the driving force behind our commitment to championing policies and practices that foster a welcoming environment for all.We encourage candidates requiring accommodations to please let us know by emailing careers@flexera.com.
