Security Engineer, Risk & Compliance

| Greater Denver Area

Alteryx is hiring a talented Risk and Compliance Security Engineer.  The Risk and Compliance Security Engineer reports to the Vice President of Information Security and Data Privacy and is responsible for maintaining global compliance.


The position lends itself to a collaborative and technically experienced Risk and Compliance Engineer with the ability to understand and implement Risk and Compliance controls via Alteryx’s GRC tool, as well as to effectively communicate Alteryx’s controls to employees, prospects and existing customers. The Engineer will drive remediation/changes within the organization and maintain a reliable, resourceful, customer service and can-do attitude. 

The Risk and Compliance Security Engineer is a member of the Governance, Risk and Compliance team and will work directly with the Sr. Risk and Compliance Security Engineer in the implementation of Alteryx’s GRC tool.  The Risk and Compliance Engineer is a strong contributor responsible for the assessment, creation, and implementation of security policies, standards, methodologies, and processes.  In this role, the Risk and Compliance Engineer will be required to demonstrate the ability to analyze difficult problems, think out-of-box and provide sound security solutions and recommendations to our internal and external customers. Compliance initiatives are focused on, but not limited to ISO 27001, ISO 27018, AICPA SOC1 and SOC2, PCI, CSA, HIPAA, and FISMA/NIST/FedRAMP. The Security Engineer will also be involved in driving and measuring internal and 3rd party compliance, as well as validating processes and actions are aligned with existing policy.  

Essential Duties and Responsibilities

  • Strong contributor in the implementation of the ISMS and ISO 27001 framework
  • Strong contributor in the implementation of Alteryx’s GRC tool and risk modules 
  • Owner of the existing Global Security Awareness training program
  • Assess environments and create Risk Mitigation plans as needed
  • Work with Sr. Engineer to create, review, and/or update existing security policies
  • Data Analytics experience working with spreadsheets and large amounts of data
  • Ability to drive integration of remediation efforts with the existing risk management process
  • Assist with successful completion of enterprise certifications and industry/regulatory compliance activities
  • Successfully project manage and drive remediation activities across various teams within the organization
  • Ability to interact with external prospects as well as customer compliance teams
  • Contribute by enhancing and maturing the existing cloud compliance frameworks as needed
  • Assist with activities to measure and monitor compliance with company policies and procedures
  • Facilitate customer requests and information gathering for audit activities (customer external security audits)
  • Ability to review security contracts exhibits and provide expert advice to the Legal and Sales teams
  • Approximately 15% of domestic and international travel will be expected of the position
  • Assess third-party vendors for security risks and support assessment process improvements
  • Audit third-party vendors for policy and contract compliance as needed

 

Required Qualifications

  • 5+ years working in the field of Risk and Compliance or Information Security
  • Bachelor’s degree in Information Security and/or Cyber Security or equivalent
  • CISSP certification is required.  CRISC and CCSP are a definite plus
  • Some experience in assessing Cloud Security platforms such as AWS, Azure, and Google Cloud Solutions
  • Experience with 3rd party Vendor Risk Assessments
  • Direct and recent working experience with the following compliance programs: ISO 27001, ISO 27018, SSAE18 SOC1 Type 2/SOC2 Type 2, CSA, HIPAA, and FISMA/NIST/FedRAMP
  • Basic understanding of network security architecture
  • Excellent report writing skills; ability to prepare compliance reports and associated metrics
  • Must be able to effectively communicate technical details and thoughts in non-technical/general terminology
  • Strong detail-oriented organizational, multi-tasking, and time management skills
  • Strong interpersonal skills to effectively interact with customers, team members, other departments, and senior management
  • Team player, a self-starter who takes initiative
  • Has mastered the Security Core concepts:  Inventory Management, Vulnerability Management, Configuration Management, Patch Management, and Risk Assessments

 

Desired Qualifications

  • Prior experience working in the Security and Compliance group of a SaaS/Cloud company or a Security Risk and Compliance practice of a top accounting firm
  • Other Relevant professional certifications such as CRISC, CISA, GIAC, CRISC and PMP
  • Ability to assess and implement a GRC tool which meets internal and external controls
Read Full Job Description

Technology we use

  • Engineering
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • C++Languages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • SqlLanguages
    • D3JSLibraries
    • jQuery UILibraries
    • ReactLibraries
    • ReduxLibraries
    • AngularJSFrameworks
    • Backbone.jsFrameworks
    • DjangoFrameworks
    • Node.jsFrameworks
    • CassandraDatabases
    • HiveDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • TeradataDatabases
    • LithiumCMS
    • SalesforceCRM
    • OutlookEmail
    • MarketoLead Gen

Location

Right at the entrance to the Interlocken Technology Park, our office is easily accessible from Denver and Boulder, and offers views of the mountains.

An Insider's view of Alteryx, Inc.

What’s the vibe like in the office?

Our culture is casual, but we're driven and work hard! We're empowered to be independent, creative, and innovative. Not only do we care about our platform, but we are deeply passionate about how the work we do impacts the community and our world.

Katelyn

Office Manager

What's the biggest problem your team is solving?

Bringing Alteryx to more people; democratizing our platform.

Simon

Team Lead, DX

How does the company support your career growth?

Alteryx walks the walk when it comes to supporting individual career goals. We have so many career planning resources and programs, but what differentiates Alteryx is the way everyone rallies around you to make sure you reach those goals. I've set aggressive career ambitions, plus pursuing my MBA! It's like the whole company is cheering for me.

Emily Singer

Manager, Public Relations

How do you empower your team to be more creative?

I encourage my team members to spend time learning - whether it's joining on-site study sessions to learn more about our product, to participating in Alteryx Academy. I think having a commitment to constant learning and self-improvement allows for creativity to flourish and opens up the doorway to new ideas.

Stephanie

Manager, Product Management Operations

What are Alteryx, Inc. Perks + Benefits

Alteryx, Inc. Benefits Overview

Company Perks & Benefits include:

• 100% company-paid medical, dental and vision benefits.

• Pet Insurance

• Life insurance, disability and accidental coverage

• Paid Holidays, Paid Time Off (PTO) & Volunteer Time Off (VTO per year

• 401k with company match

• Employee Stock Purchase Plan

• Commuter benefits

• Fitness & Wellness reimbursement program

• Bicycles and frisbee golf to rent in office

• Gym and The Hut Restaurant on the first floor of the building

• Yoga monthly and massages weekly

• Happy hours, release parties, and networking events throughout the year

• Fresh fruit delivery, bagels on Thursdays and catered lunch every other Wednesday

• Beer taps and comfortable lounges throughout the office

• Video and arcade games, ping pong, pool table, and shuffle board

• Free form "Innovation Days" and "Learning Days" for self-improvement monthly

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Diversity
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Diversity manifesto
Someone's primary function is managing the company's diversity and inclusion initiatives
Mean gender pay gap below 10%
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Life insurance is equal to 2 times an employee's annual salary.
Wellness Programs
Onsite Gym
Team workouts
Acme Co.'s team fitness initiatives include In-office yoga, In-office fitness classes.
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
We offer $265.00 per month for transit.
Company Outings
Acme Co. hosts company outings Quarterly.
Game Room
Stocked Kitchen
Some Meals Provided
We provide free breakfast on Thursday. Employees get free lunch on Wednesday.
Happy Hours
Parking
Relocation Assistance
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Lunch and learns
Acme Co. hosts lunch and learn meetings once per month.
Cross functional training encouraged
Promote from within
Mentorship program
Continuing Education stipend
Upon approval, we offer $5250 annualy for continuing education.
More Jobs at Alteryx, Inc.24 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
Marketing
Operations
Product
Project Mgmt
Content
Data + Analytics
new
Denver
Developer
new
Denver
Operations
new
Denver
Operations
new
Denver
Project Mgmt
new
Denver
Data + Analytics
new
Denver
Operations
new
Denver
Product
new
Denver
Product
new
Denver
Design + UX
new
Denver
Content
new
Denver
Marketing
new
Denver
Developer
new
Denver
Content
new
Denver
Developer
new
Denver
Developer
new
Denver