The Basics

The ideal candidate demonstrates knowledge in information security, audit, risk management and continual improvement approaches. The GRC Risk Analyst conducts compliance assessments, develops policies and manages risks across Tanium. The GRC Risk Analyst works closely with stakeholders to ensure that the organization adheres to regulatory requirements and industry standards.

What you'll do

• Executes audits and risk assessments, communicates results of findings and makes recommendations for improvement through concise, high-quality reports

• Ensures company management is knowledgeable of the risks of noncompliance to information security standards and regulatory requirements

• Writes and revises policies, standards, procedures, guidelines and other documentation based on Tanium’s business needs

• Participates in Information Security, Information Technology and Product Security projects driving the implementation of new process improvements and risk treatments

• Works closely with Information Security, Information Technology, Product Security and System Owners to review and respond to security questionnaires and due diligence requests

• Assists in the assessment and review of new vendors to ensure adequate levels of controls are in place to maintain compliance with security requirements

• Prepares reports summarizing risk assessment findings and presents them to management

• Recommends changes in business processes or policies to manage risks

• Ensures compliance with regulatory requirements related to risk management

• Monitors risks, proposing preventive measures and solutions to prevent future risks

We’re looking for someone with

• Education

• Bachelor's Degree in Computer Science, Engineering or equivalent experience

Experience:

• 3-5 years in information technology / information security auditing, preferably within a software engineering environment

• Technical knowledge of fundamental audit and risk concepts within the context of information technology and information security

• Familiarity with one or more of the following frameworks: FedRAMP, StateRAMP, CMMC, ISO 27001:2013, SOC2, NIST Cyber Security Framework (CSF)

• Experience writing audit findings, reports, policies, standards, procedures and guidelines

• Comfortable performing technical interviews with technical personnel and business process reviews with non-technical personnel

• Working knowledge of risk assessment methodologies, contingency planning approaches, data analysis techniques and improvement tools including root cause analysis, corrective action, preventative action, Plan-Do-Check-Act and the cost of quality

• Working knowledge of improvement programs such as Total Quality Management, ISO 9001, Six Sigma, Theory of Constraints or Lean

• Experience managing projects, implementing change and tracking their implementation progress

• Excellent knowledge of risk analysis methodologies and tools

• Strong analytical and problem-solving skills

• Proficiency in risk management software

About Tanium

Tanium delivers the industry's only true real-time cloud-based endpoint management and security offering. Its platform is real-time, seamless, and autonomous, allowing security-conscious organizations to break down silos between IT and Security operations that results in reduced complexity, cost, and risk. Securing more than 32M endpoints around the world, Tanium's customers include Fortune 100 organizations, top US retailers, top US commercial banks, and branches of the U.S. Military. It also partners with the world's biggest technology companies, system integrators, and managed service providers to help customers realize the full potential of their IT investments. Tanium has been named to the Forbes Cloud 100 list for nine consecutive years and ranks on the Fortune 100 Best Companies to Work For. For more information on The Power of Certainty™, visit www.tanium.com and follow us on LinkedIn and X.

On a mission. Together.

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things.

Taking care of our team members

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.

What you’ll get

The annual base salary range for this full-time position is $120,000 to $135,000. This range is an estimate for what Tanium will pay a new hire. The actual annual base salary offered may be adjusted based on a variety of factors, including but not limited to, location, education, skills, training, and experience.

In addition to an annual base salary, team members will receive equity awards and a generous benefits package consisting of medical, dental and vision plan, family planning benefits, health savings account, flexible spending account, transportation savings account, 401(k) retirement savings plan with company match, life, accident and disability coverage, business travel accident insurance, employee assistance programs, disability insurance, and other well-being benefits.

For more information on how Tanium processes your personal data, please see our Privacy Policy.