Security Risk Analyst

What you can expect

Zoom is seeking a Security Risk Analyst to join our Security GRC team as we mature the Security Risk Management program and develop new capabilities. In this role, you will assist Security Risk Engineers with identifying, analyzing, monitoring, and reporting security risks using data-driven approaches. This includes supporting risk assessments, managing the security risk register, and collaborating closely with stakeholder teams.

About the Team

Security GRC is a people-first, high-impact team that sits at the intersection of security, product, legal, and leadership. Through our standards, controls, certifications, customer assurance, and risk and vendor management programs, we enable Zoom to move faster and smarter. We help unlock revenue through risk-based security initiatives, creative problem-solving, and strategic partnerships. Join us to help shape GRC innovation in a global tech company while working alongside thoughtful, collaborative, and deeply talented teammates!

Responsibilities

• Triaging and evaluating security risks in accordance with NIST Risk Management Framework, FAIR, and internally established processes.

• Supporting data collection, modeling, and analysis of security risks using both qualitative and quantitative methods. This work spans multiple domains, including cloud security, network security, infrastructure security, product security, endpoint security, and third-party security.

• Collaborating with cross-functional stakeholders in Engineering, Legal, DevOps, IT, and Security in the prioritization and treatment of security risks.

• Guiding the development and documentation of risk treatment plans in line with enterprise risk appetite.

• Monitoring risk mitigation and remediation efforts and reporting on progress.

• Assisting with the administration of the security risk register.

What we’re looking for

• Demonstrate 2+ years of experience in information security or GRC roles. Risk management experience would be a bonus.

• Have knowledge of standard industry frameworks such as NIST, ISO, COBIT, FAIR, OWASP, MITRE Attack, etc.

• Understand information security principles, cybersecurity technologies and best practices, and GRC processes

• Communicate complex security risks clearly to technical and non-technical stakeholders

• Organize and prioritize multiple workstreams in technical environments

• Collaborate effectively across cross-functional teams

• Possess professional certifications such as Security+, CRISC, CGRC, or Open FAIR Foundation (a bonus).

Salary Range or On Target Earnings:

Minimum:

Maximum:

In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure;  there may be a different range for candidates in this and other locations

At Zoom, we offer a window of at least 5 days for you to apply because we believe in giving you every opportunity. Below is the potential closing date, just in case you want to mark it on your calendar. We look forward to receiving your application!

Ways of Working
Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

Benefits
As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information.

About Us
Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.
We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment.

Our Commitment​

At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step.

If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.