Senior Technical Risk Analyst

Iterable is the customer activation platform that helps brands deliver joyful experiences with harmonized, individualized, and dynamic communications at scale-Iterable is built for marketers, trusted by engineers, and designed with intelligence. We know this space well: our product team built the growth systems that powered Twitter's early success. We've surpassed $100M in ARR and have raised more than $340M from top-tier investors like Index Ventures, Viking, and CRV, and hundreds of companies like Zillow, SeatGeek, and Box rely on us to captivate their many millions of users.

Developed for the enterprise, Iterable is built from modern technologies that transform cloud, partner and tool-specific data into integrated, personalized engagements. No matter the audience size or degree of campaign sophistication, Iterable empowers brands to implement where it matters most-creating experiences and promoting connections with over 2 billion people world-wide. Leading brands, like Zillow, DoorDash, Calm, Madison Reed, and Box, choose Iterable to power excellent customer experiences throughout the entire lifecycle.

Iterable's momentum grows daily and there has never been a more exciting time to join the team! We've been recognized as one of the Best Places to Work - SF for the past four years, one of the Best Places to Work in Colorado for the past two years, and were named as one of Colorado's Best Paying Companies! We've also been listed on Wealthfront's Career Launching Companies List for the past two years, rank sixth on the list of Top 25 Companies Where Women Want to Work and hold a top 20 spot among the SaaS 100.

We have a global presence with offices in San Francisco, New York, Denver, and London, and remote employees located all over the world. As we scale, we continue to live by our core four, founding values - Trust, Growth Mindset, Balance, and Humility. To understand the Iterable story, and learn more about our mission, explore our Culture and About Us page.

How you will make an impact:

We are looking for an experienced analyst who is a self starter and highly motivated team player. The ideal candidate will have a high level of passion for cybersecurity and ultimately drive positive change in our company's risk posture. You'll report directly to the Senior Manager, Technical Risk Management.

You enjoy bringing all cross-functional teams together to find the simplest and best solutions while ensuring the details are not overlooked. You're constantly learning and applying a broad range of skills and collaborating with a highly-experienced management team dedicated to ensuring Iterable's success and your career growth.

Iterable is experiencing rapid growth and we need your depth of experience and expertise to help us grow effectively and iterate on security and compliance methodologies. We're looking to expand our small but growing organization with teammates who are intellectually curious, willing to embrace challenges, all while keeping our company values of Humility, Trust, Growth Mindset, and Balance top of mind. One of our core values is growth mindset and Iterable is a company where everyone can grow. If this is a role that excites you, please do apply as we value applicants for the skills they bring beyond a job description.

In this role you'll get to:

• Contribute to development and continuous improvement of the Technical Risk Management program as part of the Governance, Risk, and Compliance (GRC) function
• Collaborate with legal, procurement, and other teams as a security representative for the third party risk program and processes
• Review vendor contracts and MSAs to ensure that they align with policy and security requirements
• Provide security review of selected vendors and evaluate the risk to the company for the engagement
• Maintain, curate, and improve our vulnerability management / third party risk management processes
• Lead cyclical planning, engagement, and escalation communications for identified risks
• Establish cross-functional partnerships to drive compliance for third party vendors to our security policies
• Assist in collaborating with engineering as a security representative for the risk remediation processes

We are looking for people who have:

• Previous experience in a GRC role
• Working knowledge of Third Party Risk assessments and/or vendor security reviews
• Customer service mindset using collaboration and influence as primary engagement methods
• Some experience in developing policies, guidelines, standards, and procedures
• Some experience with vendor security rating tools and methodologies
• Working knowledge of risk assessment fundamentals (impact analysis, residual risk analysis, mitigation strategies, NIST framework, CIS Controls)
• Prior exposure and technical aptitude for understanding application and infrastructure vulnerabilities; especially in cloud environments

Perks & Benefits:

• Paid parental leave
• Great compensation packages, meaningful equity, & 401(k) plan
• Medical, dental, vision, & life insurance
• Balance Day (First Friday off every month)
• Fertility & Adoption Assistance
• Paid Sabbatical
• Flexible PTO
• Daily lunch allowance
• Monthly Employee Wellness allowance
• Quarterly Professional Development allowance
• Pretax commuter benefits
• Complete laptop workstation

We've rethought traditional workplace planning and are looking to strengthen belonging, innovation, productivity, and happiness whether it's in an office, from home, or a hybrid of the two. As such, we've moved to a single geographical compensation band for all of our employees (the San Francisco Bay Area market for the US, London for the UK).

The minimum salary for this position is $168,000/year. The compensation package includes equity, plus a range of medical, dental, vision, financial and other benefits. Additionally, perks such as daily paid lunches and generous stipends for health & fitness and learning & development, among others, are included.

Iterable is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Iterable does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Iterable also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Iterable will also consider for employment qualified applicants with arrest and conviction records.