Security Risk Lead

As a Security Risk Lead at Fastly you will help ensure we provide a secure edge for one of the biggest online platforms in the world, handling an immense amount of traffic at very low latency. Fastly’s Security Risk & Architecture Team fosters security throughout all areas of Fastly’s applications and infrastructure. Fastly believes that security is everyone’s responsibility and you will be empowering all of Fastly to live up to that responsibility. Qualified candidates will excel at building quantitative security risk management programs and right-sizing security policies for an organization's needs.

This is a role which has a major impact on securing the internet. You will be supported by a friendly security team, where you can learn and develop. We check our egos at the door. You’ll make sure our customers benefit from a service built to the highest security standards in the industry. We pride ourselves in our involvement in the larger security community and encourage our team to present at network and security conferences and participate in the open source community. We are a distributed security team with the commitment and tools in place to make it work.

• Lead Fastly’s security risk management program from definition of base principles to sponsoring of the overall program
• Build processes and procedures for conducting security assessments to quantitatively measure security risk 
• Propose and implement tooling to help Fastly maintain an accurate risk register and track mitigation decisions and progress
• Perform analysis of risk data to identify patterns of deficiencies and collaborate with security architects to propose mitigation solutions 
• Define the data and measures that should be generated for reporting on the status of company risks and the health of the program
• Lead Fastly’s security risk committee to ensure the appropriate individuals are making informed decisions related to risk treatment
• Own Fastly’s core security policies and standards to ensure appropriate baseline of security expectations and compliance with industry standards
• Partner with our compliance peers on current and potential future security related certifications (PCI, ISO 27001, SOC2, HITRUST, etc) 
• Influence Fastly’s security strategy by bringing to bear the collective strength of the security team and articulating the capabilities needed to effectively manage the cyber-attack risk

At Fastly we value a diversity of voices. The following is not a laundry list, but to be effective in this role you should possess some of the following and an interest in learning more about the rest:

• Extensive experience building security risk management programs, preferably at modern technology companies and/or regulated environments 
• Ability to communicate and influence effectively at all levels from technical staff to company vice presidents
• Experience crafting security policies that take into account a company's unique operating environment while still meeting control objectives
• Comfortable engaging with auditors and customers to give the confidence in the effectiveness of the program
• Proven ability to weigh business needs with security priorities and make sound risk-based judgement calls 
• Significant experience with threat modeling and security risk assessments resulting in a clear measure of security risk
• Strong team collaborator that actively seeks to build and maintain productive working relationships in order to establish trust and influence outcomes
• Working knowledge of the MITRE ATT&CK, NIST CSF, and CIS Critical Control, as well as the OWASP Top 10 frameworks
• High emotional intelligence. Fastly teams care about one another, collaborate regularly and are part of a people first organization

In accordance with applicable law, Fastly’s minimum base pay for this role if hired in Colorado is $169,000. Additionally, this role is eligible to participate in Fastly's equity plan. Final offer amount will be at the company’s sole discretion and determined by multiple factors, including years and depth of experience and expertise, location and other business considerations. Note that this role is available to candidates outside of Colorado and different minimum compensation may apply.

Fastly is proud to deliver a strong total rewards program to our employees. This role is eligible to participate in the following benefits:

• Health benefits (medical, dental, and vision)
• Medical: Cigna or Kaiser available
• Retirement benefits and employer match
• Life Insurance (Basic and Voluntary Life)
• Short & Long Term Disability with a buy-up LTD option
• Voluntary Accident & Critical Illness benefits
• Flex Spending Accounts & Mass Transit benefits
• Open Vacation Policy
• Sick Time
• Generous leave benefits (medical, maternity, paternity, and personal)
• Paid wellness days
• Employee Assistance Program
• Learning & reimbursement program stipend
• Mobile and internet allowance
• Wellness stipend
• Pet insurance

Fastly reserves the right to amend or modify for any reasons in accordance with applicable law.