Information Security Risk Manager

About Pantheon

Pantheon WebOps Platform powers the open web running more than 300000 sites in the cloud for customers including Google Princeton Salesloft and Doctors Without Borders. Every day thousands of developers and marketers create iterate and scale WordPress and Drupal sites to reach billions of people globally. Pantheons multitenant container-based platform enables organizations to manage all of their websites from a single dashboard. Organizations including Clorox and the United Nations drive results through accelerated development and real-time publishing using Pantheons collaborative workflows.

The Role

Drive technical risk excellence across Pantheon as a key member of our Governance Risk and Compliance (GRC) team. Youll collaborate with teams throughout the organization to transform security risk initiatives into sustainable programs that support our business growth compliance requirements and security objectives. By combining your risk expertise with program management skills youll help shape the future of Pantheons GRC strategy while solving complex challenges critical to Pantheons continued growth and success.

About The Team

Our GRC team serves as the second line of defense and works closely with Information Security IT Product Engineering Legal and other departments to ensure comprehensive risk management across Pantheon. We create and maintain processes that identify assess and mitigate risk. The GRC team plays a vital role in supporting Pantheons commitment to delivering a secure reliable and available platform for our customers.

Remote Canada-based

We are only considering candidates based in Canada for this position with a preference for those located in Vancouver BC or Toronto ON

What You Need to Succeed :

• Define the Risk Management Methodology : The Risk Manager is responsible for creating and documenting Pantheons overall approach to risk. This includes defining the criteria for what constitutes an acceptable level of risk (risk appetite) how to score the likelihood and impact of a risk and how to ultimately treat those risks. This ensures everyone in the organization is on the same page and using a consistent process.
• Lead the Risk Assessment Process : This is the most crucial part. The Risk Manager orchestrates and guides the process of identifying analyzing and evaluating all information security risks. This individual ensures that all assetsfrom data and software to physical devices and intellectual propertyare considered. The Risk Manager works with different departments to identify potential threats and vulnerabilities.
• Develop the Risk Treatment Plan (RTP) : Once risks are identified and assessed the Risk Manager develops the formal plan for how to address each one. ISO 27001 gives four main options for risk treatment :
• Modify : Implementing controls to reduce the risk. This is the most common option.
• Retain : Accepting the risk because it falls within the acceptable risk appetite.
• Avoid : Stopping the activity that causes the risk.
• Transfer : Shifting the risk to a third party for example through cyber insurance or outsourcing.

The Risk Manager documents these treatment option decisions and ensures each risk has a designated risk owner who is accountable for its treatment.

What You Bring to the Table

What We Offer

We have all the usual perks and benefits but what we can really offer you is a fantastic work environment powered by an amazing team.

The Canadian base salary range for this position is between 00 CAD per year. This position also offers a performance bonus dependent on company performance. Our salary ranges are determined by role level and location.

Pantheon is an equal opportunity / affirmative action employer and we welcome applications from all backgrounds regardless of race color religion sex national origin ancestry age marital status sexual orientation gender identity veteran status disability or any other classification protected by law. Pantheon complies with federal and local disability laws and makes reasonable accommodations for applicants and employees with disabilities. If you need a reasonable accommodation due to a disability for any part of the interview process please contact Pursuant to local and federal regulations Pantheon will consider qualified applicants with arrest and conviction records for employment.

To review the Employee and Applicants Privacy Policy click here .

Required Experience :

Manager

Key Skills

International Development,EMC,JavaScript,Import & Export,Airlines,Asp.Net MVC

Employment Type : Full Time

Experience : years

Vacancy : 1