Governance, Risk, and Compliance Specialist (Remote)

​​#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.About the RoleThe Governance, Risk, and Compliance Specialist is charged with assisting in the identification, assessment, measurement, monitoring, and reporting of risk through CrowdStrike’s Governance, Risk, and Compliance (GRC) program. The GRC Specialist’s primary function will involve supporting auditing and compliance functions in relation to CrowdStrike supply chain risk including vendors and partners with a focus on Software Security.  The ideal candidate will be up to the challenge of understanding current processes and being continuously on the lookout for innovative and flexible ways to automate processes that support a fast-paced, secure, and empowered environment.   This role covers audit and compliance processes in the context of security, privacy, and other enterprise-wide operational areas related to supply chain risk and will include tasks such as:conducting third party controls evaluation to determine risk;evaluating Open Source and Commercial Off the Shelf software;working with various internal teams to define and prioritize remediation efforts, tracking and reporting on remediation activities;inspecting and validating solutions that have been implemented;performing other duties within the scope of governance, risk, and compliance as needed.What You’ll Need practical experience with policy and regulatory mandates such as COBIT, SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, CCPA, PCI-DSS and NIST Risk Management Framework and associated standards such as sp800-34, sp800-53, sp800-161, FedRAMP, CMMC, etc.;experience in typical office applications including Microsoft Word, Excel, etc.;Fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, and cloud infrastructures; and3-5 years relevant experience, or a BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, or Cybersecurity.Bonus PointsPractical experience in Software Development and Secure Coding best practices.Practical experience in performing integration risk assessments and threat modeling third party software components.Practical experience in programming languages including typical JavaScript, Python, etc. and Data Analytics.Project management experience in scoping, work break-down, critical path analysis, resourcing, managing time estimates, project risks, and quality.Ability to think strategically about risks and tie those risks to tactical organizational activities.Open to learning and working on new domains and technology.#LI-DL1#LI-RemoteBenefits of Working at CrowdStrike:Remote-first cultureMarket leader in compensation and equity awardsCompetitive vacation and flexible working arrangements Comprehensive and inclusive health benefitsPhysical and mental wellness programsPaid parental leave, including adoption A variety of professional development and mentorship opportunitiesOffices with stocked kitchens when you need to fuel innovation and collaborationWe are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.CrowdStrike is committed to maintaining an environment of Equal Opportunity and Affirmative Action. If you need reasonable accommodation to access the information provided on this website, please contact Recruiting@crowdstrike.com​, for further assistance.CrowdStrike, Inc. is committed to fair and equitable compensation practices. The salary range for this position in the U.S. is $80,000 - $115,000 per year + bonus + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location.CrowdStrike participates in the E-Verify program.                 Notice of E-Verify Participation                Right to Work