Job Description

Why N-able:

N-able is seeking a Senior Security Risk Analyst for the Edinburgh office. Reporting to the Senior Manager of the GRC and CSO, you will identify risks and communicate clearly with cross functional partners across products, offices, time zones, and corporate verticals that include formal assessments associated with our security and privacy programs, as well as ad hoc projects.

You will be part of a security team of experts who are responsible for managing risk across the company, focused on assessing and reporting on business, technology, and enterprise risks. The team provide independent and objective assurance, proactively monitor known risks and associated treatment plans, while leveraging data analytics to drive efficiency and effectiveness.

This role is also responsible for assisting in managing the risks to be reviewed by our Risk Committee. This position will collaborate with multiple stakeholders to effectively execute risk-related activities. An understanding of and some experience with end-to-end business processes, security frameworks, and technology risk management will be pivotal to success and this role requires a critical thinker who efficiently gathers and synthesizes data and information to analyse and who enjoys working in a dynamic, fast-paced environment.


What You'll Do:
Facilitate risk assessment processes related to enterprise risk and / or security programs, including business continuity, incident management and response, and disaster recovery and programs related to compliance frameworks such as ISO27001, the Trust Principles (SOC2), GDPR, HIPAA, FIPS 140-2/3, ISO 22301, etc. Promote corporate governance through subject matter expertise of security initiatives, solid understanding of business processes, and proven communication skills. Analyze information from an enterprise privacy and security perspective to identify root cause, and partner with stakeholders to develop executable action plans aligned with department initiatives and leadership's security posture. Manage security and privacy training initiatives, such as information security awareness training, phishing campaigns, ISMS training, ISO training, etc. for employees and contractors. Partner directly with business units to support technology risk analysis and risk management processes, help the company align on an acceptable level of residual risk, and establish roles and responsibilities related to information protection. Facilitate both internal and external audits and other third-party / regulatory requests for compliance programs and controls. Manage Risk Exception process, including ensuring proper approvals, capturing details and notes of bi-monthly meetings, recording all decisions and due dates, scheduling necessary meetings and updates, etc.


What we are looking for:
What You'll Bring:
Related experience in risk management, security, technology risk, or IT audit role. Solid understanding of information security principles, standards, tools, and methodologies and passion about business process improvement and removing friction from systems. Experience with enterprise Risk Management processes, building out workspaces and process flows in Smartsheet preferred, and in reading the culture of a company, flexing and adapting communication style as needed. Understanding of complex IT architectures and structure of global company. Willingness to pursue professional certifications such as CISSP, CISM, CRISC, and/or CISA within two years. Strong communication skills, including technical and business writing and presentation skills. Ability to present ideas/solutions and communicate clearly, concisely, and accurately with others at all levels of the organization. Resourceful, self-motivated, and possess strong critical thinking skills with excellent organizational, planning, and time management skills. Ability to flex various skills to meet shifting priorities in the department. Must be flexible and be able to function in a fast-paced and dynamic environment and a sense of humor would be a huge bonus.

Purple Perks:
Medical, dental and vision coverage Generous PTO and observed holidays 2 Paid VoluNteer Days per year Employee Stock Purchase Program FuN-raising opportunities as part of our giving program N-ablite Learning - custom learning experience as part of our investment in you The Way We Work - our hybrid working model based on trust and flexibility

About N-able:

At N-able, Inc. (NYSE: NABL), we are a global software company that turns IT possibilities into capabilities. That means we partner with technology leaders who support companies around the world by offering secure infrastructure and tools to navigate their evolving IT needs. We build strong relationships with our customers to help them thrive at every stage of growth, and at the heart of this effort is our network of N-ablites--a global team of extraordinary, diverse creators who are dedicated to making a difference in how our partners do IT.

#LI-NK1 #LI-Hybrid