Security Risk Specialist
IN-Remote
India Careers
Req #: 15602
Type: Regular
|
Overview: Avalara is looking for a security risk specialist to join our team reporting to the Senior Manager, Governance Risk & Compliance. We are looking for the ability to conduct risk analysis at a systemic level, working with engineers and architects as they develop Avalara's next-generation services. You understand technical controls and be able to analyze application / product security within Avalara, including internal processes and reporting, and risks identified through code and design reviews of both internal and customer-facing software products and solutions. You will report to Senior Manager. Responsibilities: * You will perform comprehensive risk assessments aligned with Avalara's risk management framework and develop applicable remediation plans. * You will analyze and identify risks across technical environments, with a focus on application design, software architecture, and security tooling configurations. * Guide the identification, management, and mitigation of risks within security infrastructure and technical control implementations. * Collaborate with teams, including system owners, developers, and architects, to integrate risk management practices into the development lifecycle. * Ensure risk and compliance controls are accomplished across teams and within defined Service level agreements. * Coordinate the documentation and migration of control information into Avalara's GRC platform. Qualifications: * Bachelor's degree in Information Technology, Computer Science, or equivalent experience. * 3+ years of experience in IT Audit, IT Security, or IT Risk Management. * Experience conducting systemic risk analysis in, including reviewing application design and architecture. * Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST. * Experience with application security principles, including the ability to assess risk through code and design review processes. #LI-Onsite