: Senior Information Security Analyst
501 Boylston St.
Boston, MA 02116

Video

Were looking for an independent minded, detail oriented Senior Security Analyst with a broad base of technical and risk management experience to join our Information Security & Risk team to drive transformational improvement in our service assurance and vendor risk management processes.

Snyk builds industry-leading DevSecOps and open source security tools. The Information Security & Risk team has been newly created to centralise all corporate cyber and information security and risk management responsibilities within a single strategic function. We aim to move the risk needle for the company and create a reputation in the community for building (and open sourcing) best-in-breed, data-driven frameworks and capabilities. We are a new team within a high-growth, security focussed business so there is exceptional room for advancement in this role.

You know how to articulate our security posture externally and understand the importance of real third party risk management in a modern SaaS-heavy organisation. Youll use that knowledge to have a material (and visible) impact on our growth whilst also making a meaningful impact on the safety of our operations. Youll execute on your responsibilities both for delivery and for operational improvements that fundamentally upgrade Snyks capabilities.

Youll spend your time:

  • Operating as a sales-aligned security partner, facilitating sales and customer support engagements, including audits and questionnaires
  • helping to create collateral and white papers to enhance the public understanding of our security posture
  • contributing significantly to meaningful, data driven third party risk analysis and mapping this risk into wider business risk frameworks (we have a LOT of vendors)
  • acting as our North American timezone incident manager for major security incidents (training available)
  • owning a range of end-to-end process improvement to increase efficiency around service assurance, vendor risk analysis and incident management, improving efficiency, accountability and quality of service delivered to the business
  • Additional technical project delivery according to your ability and appetite

You should apply if you:

  • have a broad base of technical cybersecurity and risk management experience
  • have exceptional written and verbal communications skills and be comfortable presenting in unfamiliar environments
  • are familiar with a range of SaaS tools and their associated risks and best practices
  • understand and fundamentally believe in the importance of using security to increase the value of the business
  • enjoy the speed of a fast-paced, highly engaged startup-to-scaleout environment, particularly in commercially-sensitive situations

Wed especially love to hear from you if you:

  • have experience as an incident manager, or are interested in adopting this as a new skill (training available)
  • have previously worked with quantitative risk management techniques (or are willing to read Hubbard and Seiersens How to Measure Anything in Cybersecurity Risk)

Interested?

Please apply below! We care deeply about the warm, inclusive environment weve created and we value diversity - we welcome applications from those typically underrepresented in tech. If you like the sound of this role, but are not totally sure whether youre the right person, do apply anyway :)

About Snyk

Snyks mission is to help developers use open source code and stay secure.

The use of open source is booming, but security is a key concern. Snyks unique product enables developers and enterprise security teams to continuously find & fix vulnerable dependencies without slowing down, offering seamless integration into Dev, DevOps and DevSecOps workflows. We care deeply about the quality and usefulness of the tools we develop, always focusing on our customers and users.

We are distributed across four offices in London, Tel Aviv, Boston and Ottawa, with our engineering teams based mostly in London and Tel Aviv, and 10% of the company working fully-remote. Weve made an organizational commitment to building a strong, effective, distributed company: we have teams across multiple offices, and we invest in communication so that we can benefit from each others perspectives. Not to mention that we have an always-on webcam so we can see whats happening in each office, we make heavy use of video calls, Slack, and some inter-office travel.

At Snyk, we are experiencing rapid growth and we want you to join us! By the end of Q4 2019 alone, Snyk had already over 110,000 registered users, including multiple enterprise customers (such as Google, Salesforce, Mastercard, BBC, and others). We also raised an additional $150 million, announced January 21, 2020. With this investment, we have partnered with Stripe, along with Coatue, Tiger Global, BoldStart, Trend Forward, Amity and Salesforce Ventures, to build on our 2019 momentum and continue to fuel our developer-first approach to security.

We believe open source software is a force for good, and were building Snyk to make it easier for developers who arent security experts to stay secure.

#LI-TO1

Full-time