Lead Security Risk Analyst

Appian's information security department is growing and seeking a security risk and governance professional to drive projects and build programs to impact within our Trust team. This individual will work in a dynamic environment and be exposed to modern cloud technologies and security frameworks, and become an expert in our global security control environment.

About the Job:

• Coordinate and work directly with multiple teams across the organization to identify and manage risk associated with both on premise and cloud based systems.
• Ensure that information and technology security analysis is embedded and effective in multiple programs throughout the company
• Conduct risk/security impact analysis of implementations, designs, and architectures for adherence to standards.
• Continuously evaluate the threat-landscape for Appian operations and service offerings.
• Evaluate new and evolving solutions and environments for security risk from both a technical and regulatory perspective.
• Analyze international security concerns, emerging threats, vulnerability landscape, and industry regulations to determine new risk exposure or controls that must be implemented to capture markets or reduce risk to the company.
• Implement a data centric approach partnering with security, privacy, legal, product teams to ensure adequate handling and protection of data as it relates to storage and movement of data for compliance with frameworks including GDPR, FedRAMP (Authorization Boundary Guidance), CMMC; this includes experience with understanding method of detection and protection (i.e. cryptographic standards).
• Partner on major projects/initiatives that involve publishing security maturity/standards.
• Implement and design methods to ensure our standards are adhered to in multiple spaces and identify areas of risk to the corporation requiring investment.
• Work directly with customers, regulators, and auditors to communicate controls and processes.

About You:

• 7+ years experience in Information Technology (IT) / Information Security related field
• Strong background in the following technologies and practices: Data protection strategies, risk analysis, AWS, Linux, cryptographic modules, etc.
• Some software development experience with languages such as Java, Python, Ruby, Go, etc
• Experience with modern Cloud Native technologies - Kubernetes, Docker, serverless, etc. Experience with UNIX or its variants, such as Linux
• Experience with and the ability to understand or measure against multiple regulatory frameworks such as FedRAMP, ISO 27000, PCI DSS, CMMC, FAR, etc.
• Experience with and ability to implement Risk Measurement Methodologies such as CMMI, NIST CSF, Mitre ATT&CK framework or equivalent.
• Ability to evaluate environments, architectures, plans against technical requirements to identify gaps or risk against published standards or requirements
• Effective communicator of technical designs and vision verbally, visually and/or in writing for small to medium sized technical and non-technical audiences
• Excellent at problem solving and a talent for identifying creative solutions where policies/standards are implemented at scale, as code.
• Bachelor's or Master's degree in related field of study

About Us:

Appian helps organizations build apps and workflows rapidly, with a low-code automation platform. Combining people, technologies, and data in a single workflow, Appian can help companies maximize their resources and improve business results. Many of the world's largest organizations use Appian applications to improve customer experience, achieve operational excellence, and simplify global risk management and compliance. Our employees create opportunities to drive hands-on impact both with our customers and throughout the organization, which creates an environment where meaningful work is met with career growth and opportunity. As a result, we are proud to have been recognized as a Washington Post Top Workplace for seven consecutive years. Simply put, we are changing the way businesses operate and our employees are to thank for Appian's success.

Appian Corporation is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Further, Appian will not discriminate against applicants for inquiring about, discussing or disclosing their pay or, in certain circumstances, the pay of their co-worker, Pay Transparency Nondiscrimination .

If you need a reasonable accommodation for any part of the employment process, please contact us by email at ReasonableAccommodations@appian.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.