About the Role
Role
Splunk is seeking a Sr Manager, Vendor Trust to join the Splunk Global Security (SGS) team. This is a people leader role with direct reports and responsibilities including hiring, training, talent management, and professional development. This role will be accountable for leading Splunk’s vendor security programs, including vendor security assessments, vendor vulnerability management, vendor implementation security, and vendor risk management. The position is also responsible to engage with vendors and business partners through interviews, information collection, and provide issue resolution .
Responsibilities
You are a people leader who is passionate about developing a world class vendor security function by hiring and developing top talent.
Build relationships with various team leaders and partners, including but not limited to risk management, incident response, vulnerability management, legal, procurement
Develop vendor risk content that is consumable for all levels of the organization, and drive vendor risk leadership decisions and decision making.
Own and maintain the vendor security assessment processes, vendor vulnerability management processes, and vendor security implementation assessment processes.
Enable the maturation of the vendor security program within the security team and with key business partners.
Develop and implement a technology approach that will enable the above responsibilities and ensure the vendor security processes are efficient and repeatable.
Develop and maintain strong relationships with the teams supporting our vendor security program, internal partners, and senior leadership.
Requirements
Requirements
- Minimum seven (7) years demonstrated ability in a security governance, risk, compliance, or operations leadership role; including two (2) years of accountability leading a vendor security, third party risk management, or supply chain security program.
- Minimum five (5) years of demonstrated ability as a people leader with responsibility for direct reports.
- Current knowledge of information technology processes and controls along with a deep understanding of one or more of the following security control frameworks; ISO, NIST, UCF, Cloud Security Alliance (CSA), CIS Controls.
- Experience working with Procurement Management or Enterprise GRC management platforms (SAP Ariba, Archer, OneTrust, etc.)
- At least one current professional certification is required, such as CISM, CISSP, CRISC, CISA, or GIAC.
- Demonstrated knowledge of vendor security concepts - vendor assessments, vulnerability management, control frameworks, security maturity, risk management, security architecture, incident response, and contracts management.
- Excellent written and verbal communication and interpersonal skills.
- Possesses high ethical standards, level of commitment, and ability to manage complexities.
- Must be eligible to work in the United States without company sponsorship.
Nice-to-have Qualifications
We’ve taken special care to separate the must-have qualifications from the nice-to-haves. “Nice-to-have” means just that Nice. To. Have. So, don’t worry if you can’t check off every box. We’re not hiring a list of bullet points–we’re interested in the whole you.
- Experience in a globally regulated enterprise, Cloud Provider environments, and the software development industry.
- Skilled in assessing and managing third party security posture and cyber risk.
- Ability to communicate effectively to technical and non-technical teams at various levels in the organization.
- Experience in building risk content and driving vendor risk discussions.
- Ability to plan, coordinate and monitor multiple projects and tasks in a fast-paced environment.
About the Company
Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it's our caring employees that make Splunk stand out as an amazing career destination. No matter where in the world or what level of the organization, we approach our work with kindness. So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you. Come help organizations be their best, while you reach new heights with a team that has your back.