About Us

Braintrust is a user-owned talent network that connects top-tier professionals with the world's leading enterprises. We prioritize transparency, eliminating middlemen and high markups, ensuring job-seekers are matched swiftly to innovative roles while clients benefit from unparalleled efficiency and quality.

About The Hiring Process

The hiring process for this role involves completing your Braintrust profile, applying directly to the role on Braintrust, and undergoing a one-time screening to ensure you meet our vetted talent specifications. After this, the hiring team will contact you directly if they believe you are a suitable match.

Our process isn't for everyone, that's intentional. If you believe that you are a top candidate for this job, please join our network to give yourself the opportunity to work with top companies.

JOB TYPE: Freelance, Contract Position (no agencies/C2C - see notes below)

LOCATION: Work from anywhere - Anytime | No timezone overlap required

HOURLY RANGE Our client is looking to pay $70.00 – $80.00/hr

ESTIMATED DURATION: 40/week - long term

EXPERIENCE: 3-4 years

BRAINTRUST JOB ID: 11406

The Opportunity

Role Title: Security GRC Senior Analyst

Pinterest’s Security team is seeking an experienced Security Governance, Risk, and Compliance Senior Analyst to further build and maintain Pinterests’s Security GRC Program. This is a contractor role to cover temporary leave of the Security GRC manager. The ideal candidate will partner with Pinterest’s Security colleagues to create culture change and ensure security best practices company wide are reflected in Pinterest US and International activities. The Security GRC Senior Analyst will have responsibility for the composition of Pinfosec policies and the administration of the Pinfosec GRC tool (Onspring) and will be an overall advocate for Security Governance, Risk & Compliance across Pinterest.

What You’ll Do

• Develop and maintain key Information Security Policies and standards in conjunction with Policy SMEs
• Define and operationalize routine program metrics to understand program health and increase program adoption and report out on those metrics to key stakeholders
• Ability to provide guidance and support on the use of the GRC platform (Onspring)
• Administer the GRC platform and hold monthly meetings with Security team members to keep security risk register up to date
• Prepare monthly reports on enterprise security risks for Chief Security Officer utilizing Onspring
  
  

What You'll Be Working On

Skills

• Excellent conceptual, organizational, analytical, and problem-solving skills with the ability to influence the behavior of peers and build relationships with other teams.
• Experience collaborating and influencing with stakeholder and partner organizational leadership and management, including vendors and third parties.
• Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent experience or expertise required.
• Minimum 4 years of cybersecurity experience or related experience in IT, or IT Audit.
• One of the following certifications, or equivalent certifications preferred: CISSP, CISM, GIAC, CISA, CRISC.
• Experience reviewing and interpreting information security data and processes for potential control or framework compliance issues (PCI, NIST, CIS V.8).
• Working knowledge of Governance Risk and Compliance (GRC) tools (ideally Onspring) and automation of risk evaluation, integration with enterprise risk functions, and reporting.
• Experience populating and maintaining a risk register
• Experience and working knowledge of security risk assessment and control frameworks, good understanding of the role and function of regulations, data management practices, and cybersecurity tooling.
• Experience writing Security Policies
• Working knowledge of the role of firewalls, vulnerability management, penetration testing, server and desktop configuration and controls, and encryption, and broad understanding of various security domains.
• Strong sense of ownership and comfortable with autonomy and ambiguity
• Outstanding communication and writing skills that enable you to proactively build relationships, inform others, and clearly explain security requirements to people
  
  

Education

• Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent experience or expertise required.
• Minimum 4 years of cybersecurity experience or related experience in IT, or IT Audit.
• One of the following certifications, or equivalent certifications preferred: CISSP, CISM, GIAC, CISA, CRISC.
  
  

Apply Now!

Notes

Our employers all have varying legal and geographic requirements for their roles, they trust Braintrust to find them the talent that meet their unique specifications. For that reason, this role is not available to C2C candidates working with an agency. If you are a professional contractor who has created an LLC/corp around their consulting practice, this is well aligned with Braintrust and we’d welcome your application.

Braintrust values the multitude of talents and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.