BigPanda is a fast-growing, values-driven, global company that enables Tech Ops teams to keep the digital economy running. BigPanda’s AI-driven IT operations (aka AIOps) platform transforms IT data into insight and action. By eliminating IT noise, automating incident management, and keeping our customers’ digital services up and running around the clock, we become a mission-critical part of our customers’ IT operations.
With BigPanda, some of the world’s largest enterprises including Hulu, Cisco, United, Abbott, Marriott, Expedia and many others are able to reduce costs and increase efficiencies, accelerate business velocity, and deliver extraordinary customer experiences.
BigPanda is backed by top-tier investors including Sequoia, Mayfield, Battery, Insight Partners, Advent International, and Greenfield Partners.
About the Role:
The GRC Manager will be responsible for developing, implementing, maturing, and managing BigPanda’s information security risk management program. In this role the GRC Manager will engage leaders in security, legal, IT, and other teams to build strong relationships and programs. The GRC Manager’s key areas of focus are on assessing risks of BigPanda systems and infrastructure and providing data-driven reporting to track risk reduction activities. GRC Manager will ensure compliance with existing security frameworks (SOC 2 Type II), maturing, and expanding service provider management programs, and identifying and tracking security risks and remediation. The GRC Manager must demonstrate broad security risk expertise and experience developing and running a security compliance program.
- Develop and manage a security risk management program to identify, assess, and manage risks, including effective data-driven reporting and tracking of risk reduction activities.
- Manage and update BigPanda’s Third Party Risk management program to ensure technical and procedural controls are effective both within BigPanda and with service providers/vendors.
- Execute annual information Security Risk Assessments (BigPanda and Third Parties), Penetration Tests, and SOC 2 Type II audit. Execute risk assessments of all vendors and new technologies or services used in company projects or products.
- Maintain and update security policies and standards as needed to stay current to threats and risks to BigPanda.
- Conduct information security risk assessments of company systems, cloud infrastructure, and data repositories. Recommend remediations and track data and progress on risk reduction activities.
- Lead annual reviews, updates, and Tabletop tests for business continuity plans to reflect changes and ensure continuing effectiveness, including BCP/DRP, BIA, CMP, ERP, PP, and Incident Response.
- Develop processes to efficiently collect data to demonstrate control effectiveness for security frameworks.
- Experience creating the plan, design, implementation, and sustainment of information security risk and compliance programs.
- Experience creating and managing Third Party Risk management programs.
- Experience conducting risk assessments for Cloud based systems and architecture.
- Experience taking complex security concepts and present the ideas and benefits to non-technical management in an impactful qualitative and quantitative way.
- Experience identifying and applying the security controls of information systems and production environments for a SaaS company on AWS.
- Experience integrating and applying policies that meet company security information risk objectives.
Why join BigPanda?
- Revenue growth of 75+% YoY for 2018, 2019, 2020 and ended 2021 with 120%
- Forecasting 75% revenue growth in 2022
- Recently announced $1.2B valuation
- Values-based and performance-driven culture that is focused on career development and growth
- Gross $ Retention was 97% in ‘21, net $ Retention was over 110%
[Visa sponsorship eligibility statement] Please note that visa sponsorship is not available for this position.
BigPanda is committed to creating a diverse environment and is proud to be an Equal Employment Opportunity workplace.
BigPanda is proud to be an Equal Employment Opportunity workplace. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.