LinkedIn

Staff Technical Program Manager - Information Security Risk Management

LinkedIn, Mountain View, California, US, 94035


LinkedIn is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that’s built on trust, care, inclusion, and fun – where everyone can succeed.

Join us to transform the way the world works.

At LinkedIn, we trust each other to do our best work where it works best for us and our teams. This role offers a hybrid work option, meaning you can both work from home and commute to a LinkedIn office, depending on what’s best for you and when it is important for your team to be together. This role will be based in our Mountain View, CA campus.

Searching for your dream job in Information Security Governance, Risk and Compliance? At LinkedIn we strive to help our employees find passion and purpose. Join us in changing the way the world works.

LinkedIn is looking for a Staff Program Manager, Information Security Risk Management to join our InfoSec Governance, Risk and Compliance team to empower LinkedIn to create a secure and thriving platform for every member of the global workforce. This role will have a mix of strategic and operational responsibilities working with key stakeholders to assess, respond to and monitor security risk and drive continual improvement of the program at LinkedIn.

Responsibilities

Drive comprehensive security risk assessments across technology, infrastructure, and processes. Collaborate with stakeholders to develop and implement mitigation strategies that align with security objectives and effectively address identified risks.

Enhance and mature the risk response process to promote company-wide awareness and ownership of security risks, ensuring a proactive security culture.

Develop, implement, and maintain continuous risk monitoring processes to ensure timely reporting of Key Risk Indicators (KRIs). Collaborate with cross-functional teams to establish effective risk response strategies.

Analyze risk trends and provide actionable insights to enhance mitigation efforts and support informed decision-making across the organization.

Contribute to security risk reporting initiatives, including the risk register, risk committees, and risk scorecards, to drive transparency and proactive risk management.

Implement and lead quantitative risk analysis methodologies to improve risk assessment accuracy and prioritization of security risks.

Partner with the Enterprise Risk Management team to elevate and communicate strategic security risks at the company level.

Collaborate with stakeholders to embed security risk management into business processes, ensuring clear accountability and proactive mitigation strategies are maintained.

Maintain a deep understanding of business objectives, critical assets, and the company's security risk posture to facilitate effective risk identification, assessment, and monitoring.

Support ongoing security risk awareness by adapting risk scoring, policies, and controls in response to changes in people, processes, or technology that impact the company's security posture.

Contribute to the Governance, Risk, and Compliance (GRC) tooling strategy by prioritizing automation, identifying enhancements, and leveraging features to support security risk management activities.

Own and mature security risk management policies and standards to align with and support the overall strategy.

Drive continual improvement by developing performance metrics and building reporting frameworks to communicate the success of security risk management programs.

Establish strong cross-functional relationships with partner teams across the company to drive security risk management objectives and foster collaboration.

Basic Qualifications

B.S/B.A in a technical field, or equivalent practical experience.

6+ years of experience in Information Security Governance, Risk and Compliance (GRC) programs.

Preferred Qualifications

CISSP, CISA, CISM, CRISC or equivalent certification(s).

Demonstrated understanding of security risk management frameworks.

Experience with common information security frameworks such as SOC 2, PCI DSS, ISO 27001, ISO 27018 and ISO 22301.

Experience leveraging GRC tooling to support security risk management activities.

Easily adaptable and willing to evolve real-time to meet changing demands in a fast-paced environment.

Ability to effectively prioritize and execute tasks in a dynamic environment.

Strong technical, written, and verbal communication skills.

Excellent relationship building skills and track record of positive stakeholder feedback.

Possess a dream big, have fun and get stuff done mindset.

Suggested Skills

Security Risk Management

Risk Assessment

Training and Awareness

Monitoring and Testing

LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $134,000-221,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For more information, visit https://careers.linkedin.com/benefits.

Equal Opportunity Statement

LinkedIn is committed to diversity in its workforce and is proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is an Affirmative Action and Equal Opportunity Employer as described in our equal opportunity statement here: https://microsoft.sharepoint.com/:b:/t/LinkedInGCI/EeE8sk7CTIdFmEp9ONzFOTEBM62TPrWLMHs4J1C_QxVTbg?e=5hfhpE. Please reference https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf and https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf for more information.

LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation.

Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to:

- Documents in alternate formats or read aloud to you
- Having interviews in an accessible location
- Being accompanied by a service dog
- Having a sign language interpreter present for the interview

A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response.

LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information.

Pay Transparency Policy Statement

As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: https://lnkd.in/paytransparency.

Global Data Privacy Notice for Job Candidates

This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: https://lnkd.in/GlobalDataPrivacyNotice