Security Risk Analyst

Austin, TX, United States

Job Description

Would you like to work side-by-side with the brightest analytical and engineering minds in the industry to help organizations innovate and solve their Arm-based solutions? If you're not satisfied with simply working within an established system, but to be empowered to reshape and improve it for the challenges of tomorrow, then we may have your dream role!

Job Overview:

The Arm Technology Risk Analyst will be working closely with Arm business partners, customers, and suppliers to identify and understand risk so it can be effectively handled. You will be a key person to help our leaders focus on the risk that truly matters! This is a global role with responsibility for responding to information security needs across the entire Arm corporation.

An ideal candidate will have a demonstrated ability to drive security, compliance, and business outcomes, can articulate security practices, is detail oriented, and able to operate effectively under pressure.

Responsibilities:

Support internal and external partners on matters of risk assessments, security controls, and framework requirements.

Help build and maintain an effective third party risk assessment program

Perform supplier risk assessments, contract reviews, respond to customer security questionnaires and establish that Arm security and compliance requirements are understood

Develops tactical and trusted relationships within business partners, partners and vendors

Supporting continuous improvement to the Technology Risk program as it evolves to meet changing organizational and regulatory needs

Develop Standard Operating Procedures (SOP) to document procedures for risk assessments, third party assessments, and business process workflows for Security Governance, Risk, and Compliance

Document recommendations and implementation of corrective action plans to remediate issues for identified deficiencies. Monitor the progress of plans for on time completion

Continuous process improvement of existing and future processes

Be responsible to handle and maintain service level agreements for Requests and issues raised via ServiceNow and Jira.

Required Skills and Experience : Experience in conducting internal security assessments and reviews

Experience in articulating and documenting information security risks

Demonstrable experience in developing and optimizing customer due diligence processes (RFPs, questionnaires CAIQ, BITS SIG questionnaires...)

Candidate must have the expertise to understand Arm’s technical and business environment, strong familiarity with security standards, and audit requirements including NIST CSF, 800-53, ISO 27001, PCI DSS, and SOC 2 Type 2 reports

A driven demeanour will thrive at Arm. Proactive mentality is a must

Execution oriented with an ability to manage multiple projects simultaneously with a focus on outcomes driving impact

Interpersonal skills are required to interact effectively within the Enterprise Security group, customers and vendors at a tactical level

“Nice To Have” Experience and Skills: Experience working in a security role focussed on technical controls, services and procedures

Experience with EU regulations and EU data privacy a definite plus

Security qualifications beneficial but not crucial. i.e., CISSP, CISM

Good familiarity with other Enterprise Security organization (can identify which team fulfils which roles) and a Solid understanding of ITIL processes

Awareness of project management techniques, while having the ability to handle and chair meetings when required

In Return: We are proud to have a set of behaviors that reflect our culture and guide our decisions, defining how we work together. These behaviors are assessed as part of the hiring process:

Partner and customer focus

Teamwork and communication

Creativity and innovation

Team and personal development

Impact and influence

Deliver on your promises

#li-ms1

Accommodations at Arm

At Arm, we want our people to Do Great Things . If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email [email protected] . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s hybrid approach to working is centred around flexibility, where we split our time between the office and other locations to get our work done. Within that framework, we empower groups and teams to determine their own particular hybrid working pattern, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.