Senior Security Risk Analyst - TPRM

As a Senior Security Risk Analyst - TPRM at Snowflake, you will be a crucial part of the Global Security Compliance & Risk team. Your primary responsibility will be to manage and enhance the existing program for evaluating the risk associated with third-party tools and services utilized by Snowflake. Your tasks will include managing the intake process, collaborating with stakeholders to gather necessary information, comprehensively understanding the use case for each tool/service, and reviewing documentation to ensure compliance with security controls. Key Responsibilities: - Independently conduct ongoing third-party security risk assessments to identify and evaluate security risks - Provide comprehensive evaluations and actionable recommendations based on security and compliance best practices - Support and oversee remediation efforts for identified gaps, including conducting remediation audits for validation - Review all evidence provided by vendors to compare their security controls with Snowflake's data protection requirements - Assess and manage security findings from various vendor security monitoring systems - Develop and enhance security documentation - Collaborate cross-functionally to achieve team objectives - Take a risk-based approach to reviewing and negotiating security agreements - Measure program effectiveness and ensure SLAs are met - Establish points of view, negotiate effectively, and drive outcomes with stakeholders Qualifications Required: - 6+ years of experience in a security compliance role with at least 3 years of previous experience in third-party security risk - Proficiency in a broad range of security best practices and technologies - Ability to work across different time zones - Excellent communication skills, including writing, summarizing, and presenting technical documents - Deep understanding of industry regulations and standards such as PCI-DSS, HIPAA, SOC1, SOC2, GDPR, and ISO standards - Exceptional organizational skills and ability to analyze, organize, and prioritize tasks effectively - Technical competence to explain complex security concepts to stakeholders with varying levels of cybersecurity knowledge - Strong problem-solving skills and ability to work independently or collaboratively - Strategic thinking, attention to detail, and a focus on accuracy and accountability - Experience leading meetings and engaging with internal and external stakeholders - High ethical standards as demonstrated by successful background checks and references Bonus Points for Experience With: - Proficiency in JIRA, Confluence, and ServiceNow - Experience in reviewing and negotiating security agreements - Security certifications such as CISSP, CCSP, CISA - Experience with major Cloud Providers like AWS, Azure, Google Cloud Join Snowflake, a fast-growing company that values innovation and challenges conventional thinking. Be a part of our team and contribute to our growth while building a future for yourself and Snowflake.,