Job Description:
• Assisting in the identification, assessment, measurement, monitoring, and reporting of risk through CrowdStrike’s Governance, Risk, and Compliance (GRC) program
• Supporting CrowdStrike’s customer assurance program, including responding to customer security assessments and maintaining CrowdStrike’s trust portal
• Supporting GRC functions in relation to audit and compliance of CrowdStrike’s products and third parties including vendors and partners
• Understanding current technologies and processes while being continuously on the lookout for innovative and flexible ways to automate processes that support a fast-paced, secure, and empowered environment
• Responding to CrowdStrike and customer questions regarding GRC, information security, privacy, and related topics
• Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence
• Working with various internal teams and external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented
• Performing other duties within the scope of governance, risk, and compliance as needed.
Requirements:
• Practical experience with policy and regulatory mandates such as SOC 1/SOC 2, CSA-CCM, ISO27001/27002/22301/27017/42001, GDPR, CCPA, PCI-DSS, the NIST Risk Management Framework, and associated standards such as NIST SP(s) 800-34/800-53 Revision 5/800-171, FedRAMP, CMMC 2.0
• Understanding of Third Party Risk Management concepts such as organizational risk impact, determining data classification, evaluating control implementations, and assessing adequacy of compensating controls
• Experience in typical office applications including Microsoft Word, Excel, and the Google Workspace Suite
• Fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, containerization, and cloud infrastructures
• Bachelor’s degree in a relevant field (e.g., Information Security, Risk Management, or related discipline) with 1+ year of experience in governance, risk, and compliance, or customer trust, or equivalent combination of education and practical experience.
Benefits:
• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe