Paranoids Sr. Security Risk Analyst

Full Time
Sunnyvale, CA
Areas of Interest: Vulnerability Assessment and Management
report a problem
Overview


We're explorers, creators and innovators.
Join us.

 
A Little About Us
Yahoo is a guide focused on making users' daily habits inspiring and entertaining. By creating highly personalized experiences for our users, we keep people connected to what matters most to them, across devices and around the world. In turn, we create value for advertisers by connecting them with the audiences that build their businesses.

Yahoo is currently seeking a strong Senior Risk Analyst with a desire to focus on information security to join the Paranoids Risk Management team. This role provides significant growth in knowledge and experience in the areas of information security, risk management and technology. 


A Lot About You
The Senior Risk Analyst is responsible for ensuring Yahoo businesses and third parties are implementing appropriate security controls and compliant with regulatory guidelines and information security best practices through risk assessment activities including documentation and testing of key controls, analyzing technical security issues and recommending solutions to improve risk posture.   

Your Day
  • Conduct third party information security reviews to evaluate compliance to technical security policies and external regulations (i.e. PCI DSS, ISO); report on gaps, provide recommendations to mitigate risks and manage remediation plans
  • Work cross-functionally with Legal, Procurement and Privacy to support required approvals/touchpoints during the vendor evaluation process and manage third party security risk
  • Update the Information Security Agreement with new requirements and technologies when appropriate
  • Provide subject matter expertise on encryption, security controls and secure programming practices
  • Maintain and enforce information security policies and standards to enable a positive risk posture within Yahoo
  • Qualify and review security risk exception requests from the business
  • Act as a liaison between business and IT to understand and communicate technical security information to non-technical audiences
  • Contribute to other risk management activities such as tracking, driving and validating remediation of security vulnerabilities
  • Enable effective reporting of security risks across the company on a weekly, monthly, quarterly, and ad-hoc basis for executive leadership
What You Bring
  • 4+ years relevant experience in an information security, IT risk management, IT audit or consulting role with progressive experience in security policy management, IT/security assessments and IT/security risk identification/management/reporting
  • Bachelors Degree in Computer Science or Management Information Systems preferred
  • Ability to engage with teams to review application architecture and recommend secure designs for a fast paced, engineering-drive environment
  • Knowledge of control frameworks and external compliance regulations/standards such as NIST 800-53, PCI DSS, ISO27001, SSAE 16, COSO, COBIT, etc.
  • Proven ability to function well independently and in a team, and be comfortable in a fast-paced, dynamic environment
  • CISSP, CISM, CISA, CCNA certifications preferred
. . Yahoo is committed to equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or any other unlawful factor and complies with all applicable laws including those regarding consideration of qualified applicants with criminal histories (such as the San Francisco Fair Chance Ordinance). If your disability makes it difficult for you to use Yahoo Careers, please send a note to accessiblecareers@yahoo-inc.comYahoo participates in E-Verify



Share this job:

Yahoo

Yahoo is a guide focused on making users' digital habits inspiring and entertaining. By creating highly personalized experiences for our users, we keep people connected to what matters most to them, across devices and around the world. In turn, we create value for advertisers by connecting them with the audiences that build their businesses. Yahoo is headquartered in Sunnyvale, California, and has offices located throughout the Americas, Asia Pacific (APAC) and the Europe, Middle East and Africa (EMEA) regions.
Visit Yahoo's Social Media pages:
Company Industry: Internet
Company Type: Public Company
Company Size: 10,001+
One other job with this company: