pinterest
Country: USA
Salary: 123 696 $ – 216 468 $
Remote · Full-time

Vendor Security Analyst

AI assessment

The high score reflects the company's strong brand, a transparent and competitive salary range, and a flexible work format (PinFlex). The role offers interesting work at the intersection of security and AI.


Vacancy from Quick Offer Global, a list of international companies

Vacancy difficulty

AI assessment

The role requires more than 3 years of experience in risk assessment and deep knowledge of compliance frameworks (SOC2, GDPR). Although programming skills are not required, it demands a high degree of autonomy and the ability to work with an MSSP and complex tools such as Onspring.

Salary analysis

Median: 155 000 $
Market: 115 000 $ – 195 000 $
AI assessment

The offered range of $123k – $216k is at or above market levels for experienced vendor security analysts in the USA, especially given the option of remote work. The upper end of the range corresponds to the Senior/Lead level at large technology companies.

Cover letter

I am writing to express my interest in the Vendor Security Analyst position at Pinterest. With over three years of experience in conducting comprehensive third-party risk assessments and a deep understanding of compliance frameworks like SOC2 and ISO27001, I am confident in my ability to strengthen Pinterest’s security posture. My background includes not only identifying and remediating vendor-related risks but also collaborating with cross-functional teams to ensure that security initiatives align with business productivity.

I am particularly drawn to Pinterest’s innovative approach to integrating AI into the security workflow. In my previous roles, I have acted as a subject matter expert for high-priority reviews and managed risk registers to ensure transparency and accountability. I am eager to bring my expertise in GRC and vendor management to Pinfosec, helping to maintain the trust of your global community while fostering a culture of security innovation.


Join Pinterest's security team and help protect millions of users by managing third-party service risk!

Job description

About Pinterest:

Millions of people around the world come to our platform to find creative ideas, dream about new possibilities and plan for memories that will last a lifetime. At Pinterest, we’re on a mission to bring everyone the inspiration to create a life they love, and that starts with the people behind the product.

Discover a career where you ignite innovation for millions, transform passion into growth opportunities, celebrate each other’s unique experiences and embrace the flexibility to do your best work. Creating a career you love? It’s Possible.

At Pinterest, AI isn't just a feature, it's a powerful partner that augments our creativity and amplifies our impact, and we’re looking for candidates who are excited to be a part of that. To get a complete picture of your experience and abilities, we’ll explore your foundational skills and how you collaborate with AI.

Through our interview process, what matters most is that you can always explain your approach, showing us not just what you know, but how you think. You can read more about our AI interview philosophy and how we use AI in our recruiting process here.

Pinterest’s Security team (Pinfosec) is seeking an experienced Vendor Security Analyst to conduct assessments of our vendors and help drive vendor and third-party security initiatives to keep our users, employees, and infrastructure safe from third-party security risk. You will have the opportunity to support the improvement of our vendor security program and GRC initiatives and provide meaningful impact in minimizing risk for Pinterest. You’re passionate about security innovation, and able to vet third-party solutions while minimizing employee friction and maximizing productivity.

What you’ll do:

  • Perform vendor security assessments in order to minimize risk from third-party services
  • Support the Vendor Security Lead to maintain and improve the vendor security program while working closely with Security, Legal, IT and other internal stakeholders
  • Ensure vendor security issues are identified, communicated, and remediated to an acceptable level of risk
  • Act as the SME for High Priority Vendor Security Reviews (e.g. AI related tooling)
  • Interface with other teams and take a leadership role in driving vendor security initiatives
  • Manage the MSSP for Vendor Security when the Vendor Security Lead is unavailable
  • Act as the Vendor Security SME for the Onspring Risk Register and manage the maintenance and updating of Vendor Security related exceptions
  • Support Pinterest’s Security Governance, Risk & Compliance program on an ad hoc basis, for example: be responsible for the monthly review and maintenance of security awareness training metrics; assist in the update of security policies from time to time; assist in the audit evidence gathering for SOC 2 Type 2 compliance as required; assist in the completion of security questionnaires from Pinterest’s advertisers
  • You will be required to have a thorough understanding of security concepts, but you will not need to have coding experience

What we are looking for:

  • 3+ years experience performing vendor security risk analysis for new and existing vendors
  • Experience supporting the design, management, and building of security programs and best practices
  • Familiarity with compliance frameworks (e.g. PCI, GDPR, SOC2, ISO27001, NIST CSF)
  • Good understanding of various security domains
  • Strong sense of ownership and comfortable with autonomy and ambiguity
  • Great communicator who is comfortable leading meetings and audit type interviews with vendors
  • Bachelor’s degree in a relevant field such as Computer Science, Engineering, or other cognitive function, or equivalent experience

In-Office Requirement Statement:

  • We let the type of work you do guide the collaboration style. That means we're not always working in an office, but we continue to gather for key moments of collaboration and connection.
  • This role will need to be in the office for in-person collaboration 1-2 times/quarter and therefore can be situated anywhere in the country.

Relocation Statement:

  • This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.


At Pinterest we believe the workplace should be equitable, inclusive, and inspiring for every employee. In an effort to provide greater transparency, we are sharing the base salary range for this position. The position is also eligible for equity. Final salary is based on a number of factors including location, travel, relevant prior experience, or particular skills and expertise.

Information regarding the culture at Pinterest and benefits available for this position can be found here.

US based applicants only

$123,696—$216,468 USD

Our Commitment to Inclusion:

Pinterest is an equal opportunity employer and makes employment decisions on the basis of merit. We want to have the best qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, national origin, religion or religious creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, age, marital status, status as a protected veteran, physical or mental disability, medical condition, genetic information or characteristics (or those of a family member) or any other consideration made unlawful by applicable federal, state or local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a medical or religious accommodation during the job application process, please complete this form for support.


Skills

  • Vendor Risk Management
  • GRC
  • SOC 2
  • ISO 27001
  • GDPR
  • PCI DSS
  • NIST CSF
  • Cybersecurity
  • Risk Assessment

Possible interview questions

Tests practical risk-assessment experience and understanding of security standards.

Describe your process for conducting a security assessment of a new vendor: which key areas do you look at first?

The position involves acting as SME for the security of AI tools.

Which specific security risks would you highlight when assessing a third-party service that uses generative AI?

It is important to be able to balance security against business needs.

What do you do when a business unit critically needs a vendor tool that has not passed your security review?

The position includes support for SOC 2 Type 2 and other audits.

Tell us about your experience preparing evidence for compliance audits (for example, SOC 2 or ISO 27001).

Assesses communication skills and the ability to negotiate.

Give an example of when you had to persuade a vendor to implement additional security controls. How did you build your argument?
