Security Risk Analyst, Justworks

Governance, Risk, and Compliance

$140-154k

AWS

ServiceNow

Mid level

New York

2+ days a week in office

Business operations platform

Job no longer available

Business operations platform

1001+ employees

FintechB2BEnterpriseHRCompliancePaymentsSaaS

Job no longer available

$140-154k

AWS

ServiceNow

Mid level

New York

2+ days a week in office

1001+ employees

FintechB2BEnterpriseHRCompliancePaymentsSaaS

Company mission

Justworks' mission is to help entrepreneurs and businesses grow with confidence.

Job

Company

Role

Who you are

3+ years' experience directly in cybersecurity fields, with a demonstrated track record in one or more of the following areas: third-party risk management, cyber risk management, policy & compliance, security awareness, and communication
Clear understanding of risk assessment methodology, NIST 800-53, CIS, and associated security and privacy rules
Strong knowledge and experience with operational risk management, covering the full lifecycle of activities, including risk identification, assessment, mitigation, monitoring, and reporting
Functional knowledge of security domains and information security industry standards and best practices
Ability to identify and recommend tools, processes, and software to automate and continuously improve security and compliance practices
Previous experience with GRC solutions - Archer, ServiceNow, LogicGate, etc
Technical understanding of cloud-based security in an AWS environment
Proven track record as a strong communicator both in written and oral presentations; capable of rapidly creating detailed, yet concise documentation; adept at influencing and driving cross-functional collaboration
Demonstrated ability to analyze information critically and synthesize findings into actionable insights and better data-driven decision-making
Possess a natural curiosity and eagerness to explore new topics, with the ability to quickly learn and understand unfamiliar subjects. Demonstrates a proactive approach to identifying problems and implementing effective solutions.
Good organizational skills, proactive and self-sufficient with a proven ability to work independently and prioritize deliverables
Security Certifications of CISSP, CISM, CRISC, CISA a plus

What the job involves

Justworks is seeking an exceptional Security Risk Analyst to join our Governance Risk & Compliance (GRC) team
The Security Risk Analyst will work cross-functionally with all areas of the company to develop security safeguards and countermeasures to protect Justworks assets, employees and customers
The Security Risk Analyst will report to the Senior Manager, Governance Risk & Compliance and liaise with other teams across Digital Security
Work with the GRC leader to provide security guidance and solutions that protect Justworks, our products, customers, and employees
Support GRC team with implementing and operationalizing GRC strategy and multi-year roadmaps to mature Justwork’s GRC function
Have a working knowledge of and be able to support all GRC capabilities such as cyber risk management, third-party risk management, security training and communications, and our compliance program
Conduct Third Party Risk assessments, educate vendor relationship owners on the risks identified, work with them to secure remediation plans with vendors
Support security-related educational and compliance programs, including developing and managing regular phishing simulations, creating security newsletters and other communications, etc
Maintain a cyber risk register with timely updates and regular reviews with risk owners to drive risk closure
Provide data input to predefined GRC metrics to support monthly and quarterly departmental OKR reporting
Proactively seek clarification, ask thoughtful questions, and focus on learning and development
Follow best practices within the team. Raise concerns. Offer suggestions
Research topics and find answers outside the area of expertise
Develop domain knowledge such as IT, InfraOps, Engineering, Benefits, Payment, etc to better align security initiatives with business priorities
Create and update process documentation
Support Justworks’ audit commitment related to SOC2, GDPR, and our Justworks policies and standards
Manage security findings brought forward through the risk reporting and risk exception process and report to security leadership where gaps exist
Collaborate with all stakeholders across the company to provide risk visibilities, and more importantly to drive risk mitigation
Assist in building a risk-aware culture by maturing existing risk management processes to monitor, track, measure and report cyber risks
Drive timely & effective communication via collaboration with various stakeholders including IT, Cyber Defense Operations, Security Architecture & Engineering, People Operations, Customer Service and Marketing
Perform other related duties as assigned
As a Security Risk Analyst, how results are achieved is paramount for your success and ultimately result in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:
Good judgment - the exercise of critical thinking, analyzing and assessing problems and implications, identifying patterns, making connections of underlying issues, understanding risks and developing mitigation strategies, and taking ownership of the outcome
Resourcefulness - taking a can-do approach, even in the face of obstacles and constraints by assessing what’s in front of you and effectively and efficiently optimizing what you have, whether it's working on something new or thinking about how to do something better
Teamwork and communication - putting our collective best together through documentation, collaboration, relationship-building, listening, empathy, recruiting, and evangelism
Influence and leadership - fostering a community of knowledge-sharing, collaboration, mentorship, and forward-thinking
Skills and knowledge - the capacity to actively learn and apply specific domain knowledge, know-how, and best practices to continually enhance and improve

Our take

Justworks operates in an increasingly crowded space of all-in-one business operation suites, that include tools like human resources, payroll, employee management, benefits, and others that businesses critically need to operate as they scale.

Globally, human resource management has become an extremely fertile field, worth over $20 billion annually and predicted to grow to over $50 billion annually by 2030 - creating great opportunity for Justworks to continue to grow. The company is regarded as a market leader, but does see competition in the shape of Paychex Flex, Rippling, Paylocity, and TriNet, among others.

Solutions delivered by Justworks have proven to be extremely popular with SMEs, and this has not gone unnoticed by investors, with the company picking up exceptional amounts of funding. Justworks is known to have sights on going public, though action towards this end has been delayed until global mass-market conditions have settled from a period of volatility. However, the company's acquisition of

Steph

Company Specialist

Insights

Top investors

Some candidates hear
back within 2 weeks

24% employee growth in 12 months

Glassdoor (3.6)

Company

Funding (last 2 of 7 rounds)

Nov 2023

$16.9m

LATE VC

Jan 2020

$50m

SERIES E

Total funding: $159.9m

Company benefits

Paid volunteer work.
Paid parental leave.
Work from home opportunities.
Medical, dental, and vision insurance, plus access to One Medical, Kindbody, and Teladoc.
Premium access to Headspace, ClassPass stipends, and webinars to support your overall wellness on topics like nutrition, budgeting, mindfulness, and more.
All Justworks offers include equity, and Justworkers can continue to earn more over time with promotions and tenure.
Extensive learning & development opportunities through workshops, ExecOnline, Udemy, and BetterUp coaching.
Engineering Apprenticeship program that supports internal movement and growth

Company values

Camaraderie: As a growing company, we know how crucial teamwork, higher purpose, and a healthy dose of fun can be to success. Be an active listener, treat people respectfully, and have a strong desire to know and help others.
Openness: We believe in radical transparency. This means being willing to share information, understand other perspectives, and consider new possibilities. Be curious, ask open questions, and be receptive to thoughts and feedback from others.
Grit: They say when the going gets tough, the tough get going. We are a team of hardworking individuals with the courage to persevere. Be committed, be earnest, and dive in to get the job done well with a positive attitude.
Integrity: We do the right thing. Be honest and forthright, have a strong moral compass, and strive to match your words with your actions while leading by example.
Simplicity: We make things easy for everyone to understand and do. Be innovative, unafraid of streamlining processes, a clear and concise communicator, and don't overcomplicate solutions.

Company HQ

Fulton Ferry District, NY

Articles

IPO market stays dormant as Justworks and Fresh Market withdraw their filings

Justworks Ranked #3 on Selling Power’s “50 Best Companies to Sell For List” for 2022

How does Justworks make money?

The AlleyWatch Startup Daily Funding Report: 11/2/2023

Justworks announces acquisition of international recruitment platform Via

Justworks Expands Capabilities with Via Acquisition

Founders

Isaac Oates

(Executive Chair)

Experience as a Senior Product Manager at Amazon before founding Adtuitive and serving as COO for a year. Left this position to spend 3 years as a VP at Etsy, before founding Justworks.

Salary benchmarks

We don't have enough data yet to provide salary benchmarks for this role.

Submit your salary to help other candidates with crowdsourced salary estimates.

Share this job

View 29 more jobs at Justworks