We're seeking an experienced leader to stand up and manage a new IT Second Line of Defense (2LOD) team. As an Operational Risk Supervisor (IT), you'll be instrumental in enhancing our IT risk management framework, ensuring the effectiveness of our IT controls, and providing independent oversight of IT risk.
\nKey responsibilities include:
\nAs a seasoned leader, you'll have a strong background in risk management or audit, combined with IT knowledge. You'll be able to translate technical details into business risks and communicate effectively with stakeholders.
\nIf you're passionate about IT risk management and leadership, we encourage you to apply!
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_b859119a-2ee","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Ford Motor Credit Company","sameAs":"https://www.fordcredit.com/","logo":"https://logos.yubhub.co/fordcredit.com.png"},"x-apply-url":"https://efds.fa.em5.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/61992","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$115,500-$218,100","x-skills-required":["IT risk management","Audit","Leadership","Team management","Communication","Risk assessment","Control testing","Documentation"],"x-skills-preferred":["Process improvement","IT security","GRC","Policy management","Certified Information Systems Auditor (CISA)","Certified in Risk and Information Systems Control (CRISC)","Certified Information Security Manager (CISM)","Certified Information Systems Security Professional (CISSP)"],"datePosted":"2026-04-24T12:21:31.462Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Dearborn"}},"employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Finance","skills":"IT risk management, Audit, Leadership, Team management, Communication, Risk assessment, Control testing, Documentation, Process improvement, IT security, GRC, Policy management, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP)","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":115500,"maxValue":218100,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_11b88e19-a73"},"title":"Data Centre Security Compliance Public Sector Specialist","description":"About Us
\nAt Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies.
\nWe protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks.
\nKey Responsibilities
\nPublic Sector & Compliance Governance
\nAudit Lifecycle Management
\nIdentity & Access Management (IAM) Operations
\nPartner Relations & Reporting
\nRequirements
\nPreferred
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_11b88e19-a73","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Cloudflare","sameAs":"https://www.cloudflare.com/","logo":"https://logos.yubhub.co/cloudflare.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/cloudflare/jobs/7477769","x-work-arrangement":"hybrid","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["NIST 800-53 control families","FedRAMP requirements","Identity & Access Management (IAM)","Audit Lifecycle Management","Security Compliance","Information Security","Risk Management","CISSP","CIPP","CIPM","CIPT","CISA","CRISC"],"x-skills-preferred":["Data center Security Compliance","Access Management","audit administration","product roadmaps","market trends and factors","complex partner requirements"],"datePosted":"2026-04-18T15:58:34.830Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Hybrid"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"NIST 800-53 control families, FedRAMP requirements, Identity & Access Management (IAM), Audit Lifecycle Management, Security Compliance, Information Security, Risk Management, CISSP, CIPP, CIPM, CIPT, CISA, CRISC, Data center Security Compliance, Access Management, audit administration, product roadmaps, market trends and factors, complex partner requirements"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_3ba73370-831"},"title":"Internal Audit IT Manager","description":"Ready to be pushed beyond what you think you’re capable of?
\nAt Coinbase, our mission is to increase economic freedom in the world.
\nWe’re seeking a very specific candidate who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system.
\nAs an Internal Audit IT Manager, you will own end-to-end delivery of complex IT and security audits across our cloud infrastructure, security operations, and crypto-native systems.
\nKey responsibilities include:
\nRequirements include:
\nNice to have:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_3ba73370-831","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Coinbase","sameAs":"https://www.coinbase.com/","logo":"https://logos.yubhub.co/coinbase.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coinbase/jobs/7755116","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$166,345-$195,700 USD","x-skills-required":["IT security","Cloud infrastructure","Security operations","Identity and access management","Data protection","IT asset management","Vendor/third-party risk","Blockchain infrastructure","Centralized and self-hosted wallets","Cold storage","AI-enabled audit execution","Data analytics","Automation","Generative AI","Continuous monitoring","Anomaly detection","Automated evidence retrieval","AI-assisted workpaper drafting","Cloud platforms","IAM policies","Security configurations","Logging/monitoring","CI/CD pipelines","Python","SQL","AI tools","NIST CSF","COBIT","SOC 2","ITIL","CISA","CISSP","CIA","CISM","CPA","CFE"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:58:31.708Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote - USA"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Finance","industry":"Finance","skills":"IT security, Cloud infrastructure, Security operations, Identity and access management, Data protection, IT asset management, Vendor/third-party risk, Blockchain infrastructure, Centralized and self-hosted wallets, Cold storage, AI-enabled audit execution, Data analytics, Automation, Generative AI, Continuous monitoring, Anomaly detection, Automated evidence retrieval, AI-assisted workpaper drafting, Cloud platforms, IAM policies, Security configurations, Logging/monitoring, CI/CD pipelines, Python, SQL, AI tools, NIST CSF, COBIT, SOC 2, ITIL, CISA, CISSP, CIA, CISM, CPA, CFE","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":166345,"maxValue":195700,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_0c1f85bb-c33"},"title":"Senior Product Manager, Compliance","description":"CoreWeave is building the infrastructure that powers the next era of AI. As we scale towards and beyond public company readiness, the CIO organisation is responsible for owning the execution of IT General Controls (ITGCs) and IT application controls across our technology environment.
\nWe are looking for a Senior Product Manager, IT SOX Compliance to join our team. This is not a traditional audit-support role. As the Product Manager, IT SOX Compliance, you will translate SOX compliance requirements into structured programs, drive accountability across IT process owners, and build the systems and workflows that make compliance scalable.
\nKey responsibilities include:
\nYou will work closely with the SOX team and IT process owners to ensure controls are designed, reviewed, and evidenced effectively.
\nThe ideal candidate will have 8+ years of experience in IT audit, IT risk, IT compliance, or a related field, with hands-on IT SOX experience in either a practitioner or oversight capacity. You will have deep familiarity with IT General Controls (ITGCs) , access management, change management, SDLC, and computer operations , and how they map to financial reporting risk.
\nIn addition to a competitive salary declaration, we offer a variety of benefits to support your needs, including medical, dental, and vision insurance, company-paid life insurance, voluntary supplemental life insurance, short and long-term disability insurance, flexible spending account, health savings account, tuition reimbursement, ability to participate in employee stock purchase program (ESPP), mental wellness benefits through Spring Health, family-forming support provided by Carrot, paid parental leave, flexible, full-service childcare support with Kinside, 401(k) with a generous employer match, flexible PTO, catered lunch each day in our office and data center locations, a casual work environment, and a work culture focused on innovative disruption.
\nWhy CoreWeave?
\nAt CoreWeave, we work hard, have fun, and move fast! We're in an exciting stage of hyper-growth that you will not want to miss out on. We're not afraid of a little chaos, and we're constantly learning. Our team cares deeply about how we build our product and how we work together, which is represented through our core values: Be Curious at Your Core, Act Like an Owner, Empower Employees, Deliver Best-in-Class Client Experiences, Achieve More Together.
\nWe support and encourage an entrepreneurial outlook and independent thinking. We foster an environment that encourages collaboration and enables the development of innovative solutions to complex problems. As we get set for takeoff, the organisation's growth opportunities are constantly expanding. You will be surrounded by some of the best talent in the industry, who will want to learn from you, too.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_0c1f85bb-c33","directApply":true,"hiringOrganization":{"@type":"Organization","name":"CoreWeave","sameAs":"https://www.coreweave.com","logo":"https://logos.yubhub.co/coreweave.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coreweave/jobs/4673532006","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$165,000 to $242,000","x-skills-required":["IT General Controls (ITGCs)","SOX compliance","IT audit","IT risk","IT compliance","Access management","Change management","SDLC","Computer operations","Workday","Salesforce","NetSuite/SAP","Coupa","GRC platforms","AuditBoard","ServiceNow GRC","Workiva"],"x-skills-preferred":["CISA","CISSP","CISM","CPA","Hyperscaler","Cloud infrastructure","High-growth tech environment"],"datePosted":"2026-04-18T15:52:33.779Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Livingston, NJ / New York, NY / Sunnyvale, CA / San Francisco, CA / Bellevue, WA"}},"employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Technology","skills":"IT General Controls (ITGCs), SOX compliance, IT audit, IT risk, IT compliance, Access management, Change management, SDLC, Computer operations, Workday, Salesforce, NetSuite/SAP, Coupa, GRC platforms, AuditBoard, ServiceNow GRC, Workiva, CISA, CISSP, CISM, CPA, Hyperscaler, Cloud infrastructure, High-growth tech environment","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":165000,"maxValue":242000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_ee8b8728-edf"},"title":"Security Engineer - Detection & Response","description":"As a Security Engineer - Detection & Response at xAI, you will lead day-to-day security threat management, identify and manage potential incidents, and work with partner teams on known or suspected security threats. You will support threat intelligence, threat hunting, intrusion detection, and incident response efforts that adhere to, and push forward, best practices.
\nResponsibilities:
\nBasic Qualifications:
\nITAR Requirements:
\nTo conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.
\nPreferred Skills and Experience:
\nCompensation and Benefits:
\n$180,000 - $440,000 USD. Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_ee8b8728-edf","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/5008186007","x-work-arrangement":"onsite","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$180,000 - $440,000 USD","x-skills-required":["CISA","CRISC","CGEIT","Security+","CASP+","Python","Networking","macOS","Windows","Linux","Cloud Security","Security Technology","Malware Analysis","Forensics","Penetration Testing"],"x-skills-preferred":["Elastic","OpenSearch","Open Source Security Automation Tooling"],"datePosted":"2026-04-18T15:51:35.367Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York, NY; Palo Alto, CA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"CISA, CRISC, CGEIT, Security+, CASP+, Python, Networking, macOS, Windows, Linux, Cloud Security, Security Technology, Malware Analysis, Forensics, Penetration Testing, Elastic, OpenSearch, Open Source Security Automation Tooling","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":440000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_9e667b9c-eb8"},"title":"Senior Security Engineer II, Vulnerability Management","description":"We are seeking a Senior Security Engineer to build the Vulnerability Management program protecting CoreWeave's AI infrastructure. You will architect intelligent automation systems that defend the GPU clusters powering breakthrough AI research and enterprise AI applications.
\nThis role combines technical depth, strategic thinking, and the autonomy to design workflows that will protect infrastructure driving the future of AI.
\nKey Responsibilities:
\nRequirements:
\nPreferred Qualifications:
\nWhat We Offer:
\nThe base salary range for this role is $165,000 to $242,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).
\nThe range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_9e667b9c-eb8","directApply":true,"hiringOrganization":{"@type":"Organization","name":"CoreWeave","sameAs":"https://www.coreweave.com","logo":"https://logos.yubhub.co/coreweave.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coreweave/jobs/4650290006","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$165,000 to $242,000","x-skills-required":["vulnerability management","application security","platform security","cloud security engineering","Python","Go","security automation","SOAR workflows","detection pipelines","vulnerability prioritization frameworks","CVSS","EPSS","CISA KEV","exploit intelligence","compensating controls","Wiz","Semgrep","Rapid7"],"x-skills-preferred":["AI/ML-powered security workflows","hardware security vulnerabilities","security automation platforms","DevOps","DevSecOps","SRE","container security","Kubernetes","customer audits","CI/CD pipelines"],"datePosted":"2026-04-18T15:48:06.696Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Livingston, NJ / New York, NY / Sunnyvale, CA / Bellevue, WA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"vulnerability management, application security, platform security, cloud security engineering, Python, Go, security automation, SOAR workflows, detection pipelines, vulnerability prioritization frameworks, CVSS, EPSS, CISA KEV, exploit intelligence, compensating controls, Wiz, Semgrep, Rapid7, AI/ML-powered security workflows, hardware security vulnerabilities, security automation platforms, DevOps, DevSecOps, SRE, container security, Kubernetes, customer audits, CI/CD pipelines","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":165000,"maxValue":242000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_815dc8e7-6b9"},"title":"Technical Program Manager II","description":"At Coinbase, we're on a mission to increase economic freedom in the world. We're seeking a Technical Program Manager II to join our Security & Privacy department. As a Technical Program Manager II, you will work with the Security organization to build and drive meaningful business and security outcomes through complex programs while empowering our engineering/product teams to act as owners of security risk.
\nThe Security team's goal is to identify, measure, manage, mitigate, and report risk associated with products to keep our customer's funds and data safe. You will collaborate with program sponsors and cross-functional Security partners to identify, document, and objectively assess opportunities, challenges, and risks across traditional and novel Security domains using qualitative and quantitative factors, including KRIs and KPIs.
\nYou will serve as the Directly Responsible Individual (DRI) for key security initiatives or workstreams when required, owning outcomes and driving decision-making to keep programs moving forward. You will create program strategies and artifacts, including proposals, prioritization frameworks, roadmaps, dependency maps, and risk registers, to drive initiatives that incrementally increase program maturity over time.
\nYou will partner with Product, Engineering, and Security teams to influence adoption of critical initiatives, navigate technical dependencies, and support the Software Development Lifecycle (SDLC) as part of product and feature launches. You will concurrently manage multiple critical projects end-to-end: establishing milestones and timelines, managing cross-functional workstreams and dependencies, holding teams accountable for deliverable quality, and clearly communicating the impact of delays on project timelines and security risk posture.
\nYou will provide program status to Security leadership while ensuring transparency on key metrics, program effectiveness, strategic direction, and changes. You will conduct regular data analysis on security control performance to identify trends, anomalies, and areas for improvement, leveraging BI tools to drive data-informed decisions.
\nYou will drive process improvement and scaling initiatives within security programs by leveraging AI tools, automation, and retrospectives to optimize workflows, reduce manual toil, and achieve outcomes efficiently. You will author Objectives and Key Results (OKRs) to focus teams on the right short-term and long-term goals, and manage change across complex multi-quarter programs.
\nYou will rapidly identify and escalate risks to enable proactive collaboration and timely resolution.
\nWe're looking for a Technical Program Manager II with a strong understanding and proven experience of formal program management methodologies, working knowledge of and experience in cyber/security domain, fluency in leveraging AI in daily workflows to enhance efficiency, drive process improvements, and deliver high-quality, business-ready outputs.
\nYou should have exceptional skills in time management, facilitation, communication, and organization, ability to translate complex concepts simply for varied audiences, experience managing cross-functional teams and stakeholders, and comfortable navigating ambiguity and operating in environments where processes and paved roads may not yet exist.
\nNice to haves include professional certification such as PMP, CISSP and CISA, working knowledge of and experience in the technology and/or financial technology industry, experience working across all the three lines of defense (3LOD), and advanced understanding of Generative AI, Google Workspace, JIRA, Linear, Superset, Looker and SQL.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_815dc8e7-6b9","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Coinbase","sameAs":"https://www.coinbase.com/","logo":"https://logos.yubhub.co/coinbase.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coinbase/jobs/7595357","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$167,280-$196,800 USD","x-skills-required":["Formal program management methodologies","Cyber/security domain","AI tools","Automation","Retrospectives","Objectives and Key Results (OKRs)","Time management","Facilitation","Communication","Organization","Cross-functional teams","Stakeholders","Ambiguity","Process improvements","Data analysis","BI tools","Security control performance","Risk management","Program management","Project management","Software Development Lifecycle (SDLC)"],"x-skills-preferred":["Generative AI","Google Workspace","JIRA","Linear","Superset","Looker","SQL","PMP","CISSP","CISA","Financial technology industry","Three lines of defense (3LOD)"],"datePosted":"2026-04-18T15:47:39.344Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote - USA"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Formal program management methodologies, Cyber/security domain, AI tools, Automation, Retrospectives, Objectives and Key Results (OKRs), Time management, Facilitation, Communication, Organization, Cross-functional teams, Stakeholders, Ambiguity, Process improvements, Data analysis, BI tools, Security control performance, Risk management, Program management, Project management, Software Development Lifecycle (SDLC), Generative AI, Google Workspace, JIRA, Linear, Superset, Looker, SQL, PMP, CISSP, CISA, Financial technology industry, Three lines of defense (3LOD)","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":167280,"maxValue":196800,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_d33e3000-9c7"},"title":"Senior, Tech Risk and AI Automation","description":"We're seeking a highly motivated and analytical Senior, Tech Risk and AI Automation, to play a pivotal role in building an AI-first internal audit and risk function. This role is the first of its kind and an opportunity for an audit individual with a passion for technology and innovation to drive the future of assurance and risk through AI and automation.
\nYou will be at the forefront of our efforts to build and scale an industry-leading AI assurance program. While your initial focus will be on leveraging agentic AI to transform SOX testing, you'll have opportunities to impact cross-functional areas including security, platform regulatory risks and non-financial metrics.
\nKey responsibilities include:
\nRequirements include:
\nPreferred qualifications include:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_d33e3000-9c7","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Reddit","sameAs":"https://www.redditinc.com","logo":"https://logos.yubhub.co/redditinc.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/reddit/jobs/7758354","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["SOX compliance","agentic AI","internal controls","risk management","AI-driven testing","automated assurance workflows"],"x-skills-preferred":["CISA","CPA","CIA","CISSP","AI tools","prompting","SQL","Python"],"datePosted":"2026-04-18T15:47:08.049Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote - British Columbia, Canada"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Finance","industry":"Technology","skills":"SOX compliance, agentic AI, internal controls, risk management, AI-driven testing, automated assurance workflows, CISA, CPA, CIA, CISSP, AI tools, prompting, SQL, Python"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_6bc635c8-b18"},"title":"Staff Security Analyst, Customer Assurance","description":"Secure Every Identity instituting AI is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organisations to safely embrace this new era.
\nWe are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.
\nThe Okta Security team’s mission is to strengthen Okta’s position as the leading Identity-as-a-Service solution by identifying and resolving risks to the employees, product, and most importantly, our customers. The Security Trust & Culture team works to enhance customer trust in Okta’s identity services . We serve as a strategic resource working closely with Okta’s go-to-market teams.
\nAs a Staff level analyst of Customer Assurance, you will support prioritising and efficiently responding to questions about our security programme and other due diligence related requests. You will act as a critical bridge between our customers and our internal engineering teams, ensuring Okta’s security posture is communicated effectively.
\nTasks will include training local Sales teams, managing complex escalations in the regional market, and driving technological changes to help Customer Assurance scale its efforts globally. This position requires a unique combination of skills including an ability to coordinate the analysis of technical issues, to communicate clearly about security-relevant topics with both internal and external customers, to collaborate with internal business units to ensure execution of time-sensitive projects, and to present to upper management or the broader organisation as required.
\nThe ideal candidate will have experience with SaaS cloud security risk assessment and a solid understanding of the core principles of identity management. If you want to make a difference in the security programme of a global cloud provider, we want you on board.
\nJob Duties and Responsibilities:
\nServe as the critical bridge between Okta’s customers and internal Engineering/Product Security teams. You must be able to unpack complex customer security concerns, hold in-depth technical discussions with internal engineering to align on solutions, and translate Okta’s security architecture back to the customer to resolve high-stakes inquiries.
\nTake end-to-end ownership of highly technical security questionnaires and due-diligence requests, Partner seamlessly with internal subject matter experts,including our specialised Federal/FedRAMP teams,to ensure accurate, timely, and high-quality responses for highly regulated customers.
\nDrive technological changes within Customer Assurance by identifying and implementing AI and automation strategies to streamline workflows, scale global efforts, and reduce response times.
\nTrain and empower regional Go-To-Market and Sales teams on standard engagement protocols, ensuring they can leverage Customer Assurance resources smoothly to accelerate deals.
\nCollaborate with the Security Trust & Culture team and Regional CSOs to develop, publish, and maintain forward-facing security collateral, FAQs, and field communications.
\nWork within a global team, participating or leading global handoffs between American timezones and European or Asian, when required for large security or industry events.
\nRequirements:
\nBachelor’s degree in Computer Science or Management Information Systems, or equivalent work experience in technology or information security fields
\nMinimum 3 years information security, project management, or related experience
\nA strong, fundamental understanding of core Security principles, architectures, and operations.
\nUnderstanding of IT and cloud methodologies, information security, privacy, identity management, risk assessments and IT regulation and compliance standards
\nStrong oral, written, and presentation skills
\nStrong written and verbal communication skills, with a proven ability to distill complex technical concepts into clear, concise responses for both technical customers and internal executive stakeholders.
\nHelpful Certifications / Skills:
\nOkta Certified Professional/Administrator
\nCertificate of Cloud Security Knowledge (CCSK) and/or Certificate of Cloud Auditing Knowledge (CCAK)
\nCertified Information Security Auditor (CISA)
\nExperience with generative AI tools or process automation platforms is a strong plus.
\nFamiliarity with Federal or highly regulated compliance frameworks (e.g., FedRAMP, StateRAMP, NIST 800-53, or DoD IL4/IL5)
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_6bc635c8-b18","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Okta","sameAs":"https://www.okta.com/","logo":"https://logos.yubhub.co/okta.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/okta/jobs/7743848","x-work-arrangement":"hybrid","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$148,000-$203,500 USD","x-skills-required":["Okta Certified Professional/Administrator","Certificate of Cloud Security Knowledge (CCSK) and/or Certificate of Cloud Auditing Knowledge (CCAK)","Certified Information Security Auditor (CISA)","generative AI tools or process automation platforms","Federal or highly regulated compliance frameworks (e.g., FedRAMP, StateRAMP, NIST 800-53, or DoD IL4/IL5)"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:47:00.421Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Bellevue, Washington; Chicago, Illinois; New York, New York; Washington, DC"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Okta Certified Professional/Administrator, Certificate of Cloud Security Knowledge (CCSK) and/or Certificate of Cloud Auditing Knowledge (CCAK), Certified Information Security Auditor (CISA), generative AI tools or process automation platforms, Federal or highly regulated compliance frameworks (e.g., FedRAMP, StateRAMP, NIST 800-53, or DoD IL4/IL5)","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":148000,"maxValue":203500,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_3ad8987a-19b"},"title":"Staff Compliance Analyst - Federal","description":"We are looking for a Staff Federal Security Compliance Analyst to join our Federal Security and Compliance team. As a Staff Federal Security Compliance Analyst, you will serve as a lead of our compliance strategy, safeguarding and strengthening our position as a leading IDaaS provider for the public sector. Your mission is to bridge the gap between engineering, product, and federal regulatory bodies, driving the maintenance of our FedRAMP and DoD authorizations, leading complex audits, and mentoring junior analysts to ensure a security-first culture.
\nThe responsibilities listed below represent the core functions of this role:
\nMinimum Required Knowledge, Skills, and Abilities:
\nPreferred Certifications & Skills:
\nAdditional requirements:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_3ad8987a-19b","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Okta","sameAs":"https://www.okta.com/","logo":"https://logos.yubhub.co/okta.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/okta/jobs/7571077","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$161,000-$221,000 USD","x-skills-required":["Automation & Compliance Engineering","Cloud-native infrastructure","API-based control validation","OSCAL-based tooling","NIST SP 800-53","FedRAMP High/Moderate","DoD SRG (IL4, IL5)","Access management","CI/CD pipelines","Disaster recovery","Encryption/key management"],"x-skills-preferred":["CISSP","CISA","CCSK","AWS Certified Solutions Architect","Cloud Practitioner","JIRA","ServiceNow","Okta"],"datePosted":"2026-04-18T15:45:27.832Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Washington, DC"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Automation & Compliance Engineering, Cloud-native infrastructure, API-based control validation, OSCAL-based tooling, NIST SP 800-53, FedRAMP High/Moderate, DoD SRG (IL4, IL5), Access management, CI/CD pipelines, Disaster recovery, Encryption/key management, CISSP, CISA, CCSK, AWS Certified Solutions Architect, Cloud Practitioner, JIRA, ServiceNow, Okta","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":161000,"maxValue":221000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_0bf3955d-b31"},"title":"IT Audit Analyst","description":"We are looking for a dynamic and detail-oriented IT Audit Analyst or Senior IT Audit Analyst to join our growing Internal Audit team.
\nIn this role, you will play a key part in evaluating and strengthening ZoomInfo's IT control environment, with a primary focus on executing SOX compliance testing across IT general controls, automated controls, and system integrations.
\nThis position offers meaningful exposure to US GAAP, SOX compliance, and complex IT control environments, as well as the opportunity to work with automation and AI-driven tools.
\nYou will work closely with US-based teams and stakeholders across IT and business functions, requiring a shifted schedule with availability until 12:00 PM PST to enable effective collaboration.
\nThe ideal candidate brings strong analytical and communication skills, a proactive approach to problem solving, and a desire to grow in a fast-paced, high-growth SaaS environment.
\nKey Responsibilities:
\nRequired Qualifications:
\nPreferred Qualifications:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_0bf3955d-b31","directApply":true,"hiringOrganization":{"@type":"Organization","name":"ZoomInfo","sameAs":"https://www.zoominfo.com/","logo":"https://logos.yubhub.co/zoominfo.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/zoominfo/jobs/8441742002","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["SOX compliance","IT general controls","automated controls","application controls","system integrations","audit management technology","data analytics tools","AI-driven tools","cloud-based platforms","SaaS applications","databases","middleware solutions","CISA","CA","SOX requirements","COSO framework","COBIT standards"],"x-skills-preferred":["enterprise SaaS applications","data visualization tools","advanced analytics techniques","scripting or programming concepts","Python","artificial intelligence","prompt engineering","agile audit methodologies","continuous auditing frameworks"],"datePosted":"2026-04-18T15:43:48.246Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Chennai, Tamil Nadu, India"}},"employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Technology","skills":"SOX compliance, IT general controls, automated controls, application controls, system integrations, audit management technology, data analytics tools, AI-driven tools, cloud-based platforms, SaaS applications, databases, middleware solutions, CISA, CA, SOX requirements, COSO framework, COBIT standards, enterprise SaaS applications, data visualization tools, advanced analytics techniques, scripting or programming concepts, Python, artificial intelligence, prompt engineering, agile audit methodologies, continuous auditing frameworks"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_22e2b8bb-55b"},"title":"Cybersecurity Officer","description":"As the Cybersecurity Officer for Waymark, you will be responsible for advancing our core mission through the development of robust programs encompassing information security. As an organization working with patients and providers to improve health outcomes, it is critical to build and maintain appropriate systems and safeguards designed to protect the integrity and confidentiality of information.
\nYou are technical, a strong operator, and strategic thinker, looking to build, improve, and scale reliable security processes whenever possible. Your leadership of the information security program at Waymark will include all facets of cybersecurity, and the associated user experience of our remote teams, and community-based care workers. You will be responsible for security policy and implementation and operation of technical and administrative safeguards to support those policies. You will use your experience to inform sound judgement to achieve the appropriate management of security risks in a manner consistent with the company’s values. You will use your in-depth knowledge of security in a modern cloud based organization, to identify and address risks to the company, through a combination of hands-on technical contributions and directing and overseeing staff with security responsibilities. You will interact with the broader executive leadership team to communicate evolving needs, matching the security strategy to the size and stage of growth of the company and the information we safeguard.
\nThis is a remote friendly position that can be located anywhere in the United States.
\nKey Responsibilities & Duties
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_22e2b8bb-55b","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Waymark","sameAs":"https://www.waymark.com/","logo":"https://logos.yubhub.co/waymark.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/waymark/jobs/4675847005","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$140,000 - $185,000","x-skills-required":["BSCS or equivalent experience in an operational security role","10+ years of experience in security and/or information assurance roles, and risk management","Knowledge of information security management frameworks, such as NIST cybersecurity framework","Experience and/or ability to learn and apply hands-on skills in a cloud native production environment","Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and could monitoring"],"x-skills-preferred":["Key industry certifications in information security, such as CISSP, CISM and CISA","Experience in a startup of 100 - 500 people","Experience with securing a production SaaS product hosted in AWS","Experience conducting or managing technical audit engagements, or directly responding to auditor inquiries"],"datePosted":"2026-04-17T13:07:42.117Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"US - Remote"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Healthcare","skills":"BSCS or equivalent experience in an operational security role, 10+ years of experience in security and/or information assurance roles, and risk management, Knowledge of information security management frameworks, such as NIST cybersecurity framework, Experience and/or ability to learn and apply hands-on skills in a cloud native production environment, Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and could monitoring, Key industry certifications in information security, such as CISSP, CISM and CISA, Experience in a startup of 100 - 500 people, Experience with securing a production SaaS product hosted in AWS, Experience conducting or managing technical audit engagements, or directly responding to auditor inquiries","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":140000,"maxValue":185000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_1bdc3caf-792"},"title":"Governance, Risk, and Compliance (GRC) SME - Senior Consultant","description":"Do you want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready?
\nWe are looking for a highly skilled Cyber GRC (Governance, Risk, and Compliance) Senior Consultant to help organizations strengthen their cybersecurity posture, manage cyber risks, and ensure regulatory compliance. The ideal candidate will have deep expertise in cybersecurity frameworks, risk management, regulatory compliance, and security governance.
\nAs a Cyber GRC Senior Consultant, you will collaborate with client security, IT, and compliance teams to direct and oversee the development and implementation of cybersecurity policies, conduct risk assessments, and ensure adherence to global security standards and regulations.
\nKey Responsibilities:
\nWork on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization.
\nContribute to the development of consulting go to market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks.
\nDirect and lead NIST CSF risk assessments
\nOversee the design of innovative new services to lead the market incorporating AI and ML where it brings value.
\nSupport presales, sales, and account management pursuits from a subject matter expert perspective.
\nRequirements
\nYou will have already achieved strong career progression to date, and experience working with recognized consulting brands and large commercial sector clients. You will have a passion for cyber security and a genuine interest in staying updated with the latest industry trends and developments.
\nYour security experience must include:
\nA relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security)
\n1-5 years+ in the field of cyber security/infosec.
\nA broad business skill set including stakeholder management, problem-solving, and resilience
\nExperience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences
\nExcellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel
\nYour diverse Security experience should include one or some of below:
\nA good understanding of NIST CSF
\nA post graduate degree in cyber /information security
\nCyber Due Diligence Assessments
\nThird- Party & Supply chain Cyber Risk Management
\nIncident Response Plan review
\nSupporting bids, RFP responses and proposals
\nCrisis Management Exercises (CMX)
\nAccreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM,
\nHelped design Target Operating Models (TOMs) and RACI Matrices
\nHelping the design of Cyber Security Roadmaps
\nSupporting Post Incident Reviews
\nReading and summarising Cyber Threat Intelligence reports
\nCyber Security Risk Assessments or Maturity Assessments
\nDesign and/deliver awareness training.
\nWorked on Identity and Access Management projects.
\nWorked on Privileged access management projects
\nOur ideal candidate may have some of the following skills:
\nHave a broad business skill set including stakeholder management, problem-solving, and resilience
\nHave experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences
\nHave excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel
\nEnjoy working with different clients from different industries.
\nHave some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients.
\nBe able to build strong and effective business relationships at all levels
\nBe able to support and oversee staff with less experience in their tasks
\nBe able to explain complex cyber methodologies using accessible non-technical language (both written and verbal)
\n_Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now._
\nAbout your team
\nAt the Tech Transformation practice, we help CIOs overcome their biggest challenges such as geopolitical and macroeconomic uncertainty, cybersecurity, digital transformation, and budget constraints; enabling them to leverage technology to deliver value to their business. We have a team of business analysts, enterprise architects and cybersecurity specialists with business, operational, strategic, analytical and innovation skills. that come together to drive business IT alignment, Transform IT governance, IT Cost containment, operating efficiency improvements, Innovation enablement and cybersecurity risk, governance, and compliance.
\nAbout Infosys Consulting
\nBe part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey.
\nOur core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.
\nWithin Europe, we are recognized as one of the UK’s top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity and dedicated training and career paths. Infosys is on the Germany’s top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row.
\nWe offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We’d love to hear from you.... Apply today!
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_1bdc3caf-792","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Infosys Consulting - Europe","sameAs":"https://jobs.workable.com","logo":"https://logos.yubhub.co/view.com.png"},"x-apply-url":"https://jobs.workable.com/view/kpLfuJ6MMnQF6UP1PbZm31/remote-governance%2C-risk%2C-and-compliance-(grc)-sme---senior-consultant-in-poland-at-infosys-consulting---europe","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["cybersecurity frameworks","risk management","regulatory compliance","security governance","NIST CSF","cyber due diligence assessments","third-party and supply chain cyber risk management","incident response plan review","crisis management exercises","accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM","target operating models","RACI matrices","cybersecurity roadmaps","post-incident reviews","cyber threat intelligence reports","cybersecurity risk assessments","identity and access management","privileged access management"],"x-skills-preferred":["stakeholder management","problem-solving","resilience","data and information gathering","data and information validation","data and information synthesis","data and information documentation","data and information communication","interpersonal skills","written communication skills","verbal communication skills"],"datePosted":"2026-03-09T16:53:00.785Z","jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Consulting","skills":"cybersecurity frameworks, risk management, regulatory compliance, security governance, NIST CSF, cyber due diligence assessments, third-party and supply chain cyber risk management, incident response plan review, crisis management exercises, accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM, target operating models, RACI matrices, cybersecurity roadmaps, post-incident reviews, cyber threat intelligence reports, cybersecurity risk assessments, identity and access management, privileged access management, stakeholder management, problem-solving, resilience, data and information gathering, data and information validation, data and information synthesis, data and information documentation, data and information communication, interpersonal skills, written communication skills, verbal communication skills"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_f56e4b3a-ca5"},"title":"Third Party Risk Management (TPRM) Consultant - Principal","description":"Do you want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment of 300,000 employees. Our dynamic organization allows you to work across functional business pillars, contributing your ideas, experiences, diverse thinking, and a strong mindset. Are you ready?
\nWe are seeking an experienced Principal Third Party Risk Management (TPRM) Consultant to lead and shape our Third Party Risk and GRC services within the cyber security consultancy. This is a senior leadership role responsible for driving strategy, managing complex client engagements, and delivering enterprise-scale TPRM and GRC programmes across multiple industries. As a subject matter expert in Third Party Risk Management, Governance, Risk & Compliance (GRC) and vendor risk frameworks, you will design, implement, and operate robust third-party risk management frameworks that align with regulatory, security, and business requirements. You will act as a trusted advisor to clients, lead large transformation initiatives, manage teams, and ensure high-quality delivery of risk, compliance, and assurance services.
\nKey Responsibilities:
\n· TPRM Proposals & Strategy: Lead the development of TPRM and GRC proposals, defining scope, delivery models, governance structures, and operating models and design enterprise-level Third Party Risk Management strategies aligned with regulatory, operational, and cyber risk requirements.
\n· Client Engagement Leadership: Lead and manage complex client engagements in Third Party Risk Management, vendor risk, and GRC and act as engagement lead and trusted advisor for executive stakeholders (CISO, CRO, Risk, Compliance, Procurement, Legal). In addition to that ensure successful delivery of TPRM services including assessments, frameworks, tooling, and operationalisation.
\n· Security Assessment & Audit Leadership: Lead third-party security assessments, audits, and assurance activities and define assessment methodologies, risk scoring models, control frameworks, and reporting structures as well as oversee supplier due diligence, onboarding risk processes, and continuous monitoring programmes.
\n· Technical & Methodological Authority: Serve as subject matter expert for TPRM, GRC platforms, and vendor risk methodologies and provide leadership in the use of GRC and TPRM tooling (e.g. OneTrust, Archer, ServiceNow GRC, similar platforms).
\n· Project, Delivery & Programme Leadership: Act as Project Manager, Delivery Lead, and Programme Lead for large-scale TPRM initiatives and manage multi-stream delivery, dependencies, risks, and stakeholder alignment.
\n· Team Leadership & Management: Lead, mentor, and develop a team of consultants (up to 5 direct reports) and build high-performing delivery teams and ensure capability development in TPRM and GRC.
\n· Risk & Compliance Management: Identify, assess, and manage third-party risks across cyber, operational, regulatory, and reputational domains and advise clients on risk treatment strategies, remediation plans, and control improvements.
\n· Continuous Improvement & Innovation: Drive continuous improvement in TPRM methodologies, delivery models, and service offerings and stay current with regulatory developments, emerging risks, and industry best practices in third-party risk and supply chain security.
\nRequirements
\nEssential Skills and Experience:
\n· Extensive experience in Third Party Risk Management (TPRM) and Governance, Risk & Compliance (GRC) at enterprise level.
\n· Strong background as Security Assessor, Auditor, and Risk Consultant.
\n· Proven experience leading TPRM, vendor risk, and supplier assurance programmes.
\n· Experience acting as Project Manager, Delivery Lead, and Programme Lead for complex engagements.
\n· Hands-on experience with GRC / TPRM platforms, ideally including OneTrust.
\n· Ability to design and implement third-party risk frameworks, policies, and governance models.
\n· Strong stakeholder management skills at executive and board level.
\n· Proven people management experience, including team leadership and mentoring.
\n· Ability to balance security, risk, compliance, and business enablement.
\nQualifications:
\n· Minimum 10 years of experience in cyber security, risk management, GRC, audit, or related domains.
\n· CISA (Certified Information Systems Auditor) strongly preferred.
\n· Lead Auditor certification (e.g. ISO 27001 Lead Auditor) highly desirable.
\n· Additional certifications such as CISM, CRISC, CISSP are an advantage.
\n· Experience working across multiple industries (e.g. Financial Services, Healthcare, Critical Infrastructure, Government, Technology).
\n· Experience with regulatory-driven environments and compliance-led transformation programmes.
\n_Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please_ _apply now._
\nBenefits
\nAbout Infosys Consulting
\nBe part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey.
\nOur core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, Equity and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.
\nWithin Europe, we are recognized as one of the UK’s top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity and dedicated training and career paths. Infosys is on the Germany’s top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row.
\nWe offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal ambitions. Curious to learn more? We’d love to hear from you.... Apply today!
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_f56e4b3a-ca5","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Infosys Consulting - Europe","sameAs":"https://jobs.workable.com","logo":"https://logos.yubhub.co/view.com.png"},"x-apply-url":"https://jobs.workable.com/view/3AGuZh2zhvyMa3e9DNdg37/remote-third-party-risk-management-(tprm)-consultant---principal-in-poland-at-infosys-consulting---europe","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Third Party Risk Management","Governance, Risk & Compliance","Vendor Risk Management","Security Assessment","Audit Leadership","Project Management","Delivery Leadership","Programme Leadership","Team Leadership","Risk Management","Compliance Management","Continuous Improvement","Innovation"],"x-skills-preferred":["OneTrust","Archer","ServiceNow GRC","CISA","Lead Auditor certification","CISM","CRISC","CISSP"],"datePosted":"2026-03-09T16:51:45.581Z","jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Consulting","industry":"Technology","skills":"Third Party Risk Management, Governance, Risk & Compliance, Vendor Risk Management, Security Assessment, Audit Leadership, Project Management, Delivery Leadership, Programme Leadership, Team Leadership, Risk Management, Compliance Management, Continuous Improvement, Innovation, OneTrust, Archer, ServiceNow GRC, CISA, Lead Auditor certification, CISM, CRISC, CISSP"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_f7bc3829-4cd"},"title":"IT Auditor, Sr Associate/Staff","description":"Overview
\nAt Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content.
\nJob Description
\nWe are seeking a motivated and detail-oriented audit professional with a strong interest in technology, information security, and risk management. You will be responsible for planning and executing IT and/or Information Security audits in accordance with the annual audit plan. You will also perform IT risk assessments to identify key risks and support the development and refinement of the annual IT audit plan.
\nResponsibilities
\nBenefits
\nAt Synopsys, innovation is driven by our incredible team around the world. We feel honored to work alongside such talented and passionate individuals who choose to make a difference here every day. We're proud to provide the comprehensive benefits and rewards that our team truly deserves.
\nTeam
\nYou will join a collaborative and forward-thinking Internal Audit team that partners closely with the business and technology functions. The team values quality, integrity, and open communication, and provides opportunities to work across a broad range of systems, processes, and risks. You'll gain exposure to senior stakeholders, develop your technical and audit expertise, and play a meaningful role in strengthening the organization's control environment.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_f7bc3829-4cd","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Synopsys","sameAs":"https://careers.synopsys.com","logo":"https://logos.yubhub.co/careers.synopsys.com.png"},"x-apply-url":"https://careers.synopsys.com/job/bengaluru/it-auditor-sr-associate-staff/44408/92463617200","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["IT audit","information security","risk management","SOX compliance","ERP","cloud-based applications","SAP","Salesforce","IT General Controls","IT Application Controls","auditing","risk assessment","control testing","issue identification","remediation follow-up","auditing documentation","reporting","presentation","emerging technology risks","regulatory expectations","industry best practices"],"x-skills-preferred":["CISA","CIA","CISSP","auditing software","risk management software"],"datePosted":"2026-03-08T22:18:27.923Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Bengaluru"}},"employmentType":"FULL_TIME","occupationalCategory":"Finance","industry":"Technology","skills":"IT audit, information security, risk management, SOX compliance, ERP, cloud-based applications, SAP, Salesforce, IT General Controls, IT Application Controls, auditing, risk assessment, control testing, issue identification, remediation follow-up, auditing documentation, reporting, presentation, emerging technology risks, regulatory expectations, industry best practices, CISA, CIA, CISSP, auditing software, risk management software"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_c76d0c6d-ec7"},"title":"Technical Policy Manager, Cyber Harms","description":"About the Role:
\nWe are looking for a cybersecurity expert to lead our efforts to prevent AI misuse in the cyber domain. As a Cyber Harms Technical Policy Manager, you will lead a team applying deep technical expertise to inform the design of safety systems that detect harmful cyber behaviours and prevent misuse by sophisticated threat actors.
\nIn this role, you will:
\nYou may be a good fit if you have:
\nPreferred Qualifications:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_c76d0c6d-ec7","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anthropic","sameAs":"https://job-boards.greenhouse.io","logo":"https://logos.yubhub.co/anthropic.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/anthropic/jobs/5066981008","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"The annual compensation for this role is not specified in the job posting.","x-skills-required":["cybersecurity","vulnerability research","exploit development","network security","malware analysis","penetration testing","scientific computing","data analysis","programming (Python)","threat modelling","policy frameworks","responsible disclosure practices","vulnerability coordination","cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems)"],"x-skills-preferred":["AI/ML systems","large language models","ML-based security systems","adversarial ML research","defence, intelligence, or security organisations","NSA, CISA, national labs, security contractors","published security research","disclosed vulnerabilities","bug bounty programs","Trust & Safety operations","content moderation at scale","OSCP, OSCE, GXPN, or equivalent certifications","dual-use security research concerns","ethical considerations in AI safety"],"datePosted":"2026-03-08T13:50:25.823Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco, CA, Washington, DC"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"cybersecurity, vulnerability research, exploit development, network security, malware analysis, penetration testing, scientific computing, data analysis, programming (Python), threat modelling, policy frameworks, responsible disclosure practices, vulnerability coordination, cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems), AI/ML systems, large language models, ML-based security systems, adversarial ML research, defence, intelligence, or security organisations, NSA, CISA, national labs, security contractors, published security research, disclosed vulnerabilities, bug bounty programs, Trust & Safety operations, content moderation at scale, OSCP, OSCE, GXPN, or equivalent certifications, dual-use security research concerns, ethical considerations in AI safety"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_ee2db308-a07"},"title":"Senior Manager IT Security & LISO","description":"What you'll do
\nAs Senior Manager IT Security & LISO, you will be responsible for the following tasks:
\nAnforderungen
\nUnternehmen
\nUnsere Philosophie: Die Funktion optimieren. Die Form kompromisslos auf das Wesentliche reduzieren. Das Bekannte überwinden, um immer wieder die neue, beste Lösung zu entdecken. Nur so entstehen einzigartige Designobjekte, die das Vorhersehbare hinter sich lassen, maximale Performance bieten und zu lebenslangen Begleitern werden.
\nErlebe die Faszination Porsche Lifestyle unter: www.porsche-design.de
\nHinweise zur Bewerbung
\nBitte fülle unser Online-Bewerbungsformular aus und füge am Ende Deine vollständigen Bewerbungsdokumente bei, die aus Anschreiben, Lebenslauf, Arbeits- und (Hoch-) Schulzeugnissen sowie ggf. weiteren Bescheinigungen (Aufenthaltsgenehmigung, sofern erforderlich) bestehen.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_ee2db308-a07","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Porsche Lifestyle GmbH & Co. KG","sameAs":"https://jobs.porsche.com","logo":"https://logos.yubhub.co/jobs.porsche.com.png"},"x-apply-url":"https://jobs.porsche.com/index.php?ac=jobad&id=16485","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["IT Security","Informationssicherheit","Wirtschaftsinformatik","Sicherheitsstandards","Sicherheitspraktiken","Berechtigungs- und Zugriffsmanagement","Risk Management","Incident Handling","Business Continuity Management"],"x-skills-preferred":["CISM","CISA"],"datePosted":"2025-12-08T16:24:04.987Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Ludwigsburg"}},"employmentType":"FULL_TIME","occupationalCategory":"IT","industry":"Automotive","skills":"IT Security, Informationssicherheit, Wirtschaftsinformatik, Sicherheitsstandards, Sicherheitspraktiken, Berechtigungs- und Zugriffsmanagement, Risk Management, Incident Handling, Business Continuity Management, CISM, CISA"}]}