Changing the world through digital experiences is what Adobe’s all about. We give everyone from emerging artists to global brands everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.
We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity.
We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!
The Challenge :
The Adobe Secure Software Engineering Team is looking for an experienced Information Security Risk Analyst to join our Vendor Security Review program.
This role will be working directly with business and technology partners, vendors, and Legal to assess vendor security issues and risks, prioritize risk mitigation activities and guide the business to make risk-based decisions.
We are looking for someone with outstanding security, communication, negotiation and interpersonal skills, as well as experience with Information security and Risk management practices and principles.
This role provides an opportunity to combine client-facing consulting experience with technical expertise. We are a dynamic, high-profile team that supports every Adobe product and service, so this is an outstanding opportunity to make a difference at a software company!
What you’ll do :
Evaluate information security program maturity, security controls, and security documentation for Adobe's strategic vendors
Communicate security risks to the business and build risk mitigation plans
Support legal team with negotiation around Information security contract requirements
Collaborate with cross-functional departments within Security, Procurement, Legal on process improvements and workflow integrations to provide improved customer experience
Communicate and present key vendor security initiatives, practices and issues to business units
Benchmark the program against the third-party risk assessment programs from similar companies and propose improvements
What you need to succeed :
Bachelor’s Degree in Computer Science, Engineering or a related field.
3+ years of experience working in security, governance, risk and compliance
Detailed understanding of network security, identity and access management concepts, security certification reports
Demonstrated ability to successfully handle client-facing engagements
Experience managing risk in a global enterprise
Self-motivated and results oriented with excellent interpersonal and communication skills
Experience with regulatory compliance audits such as SOC 2, ISO and PCI DSS
CISSP, CISA, or other Information Security attestation(s) is a definite plus.