Vendor Security Lead

About Pinterest:  

Millions of people across the world come to Pinterest to find new ideas every day. It’s where they get inspiration, dream about new possibilities and plan for what matters most. Our mission is to help those people find their inspiration and create a life they love. In your role, you’ll be challenged to take on work that upholds this mission and pushes Pinterest forward. You’ll grow as a person and leader in your field, all the while helping Pinners make their lives better in the positive corner of the internet.

Creating a life you love also means finding a career that celebrates the unique perspectives and experiences that you bring. As you read through the expectations of the position, consider how your skills and experiences may complement the responsibilities of the role. We encourage you to think through your relevant and transferable skills from prior experiences.

Our new progressive work model is called PinFlex, a term that’s uniquely Pinterest to describe our flexible approach to living and working. Visit our PinFlex landing page to learn more. 

Pinterest’s Security team (Pinfosec) is seeking an experienced program manager to drive vendor and third-party security initiatives to keep our users, employees, and infrastructure safe from third-party risk. You will have the opportunity to lead and improve our vendor security program and provide meaningful impact in minimizing risk for Pinterest. You’re passionate about security innovation, and able to vet third-party solutions while minimizing employee friction and maximizing productivity.

 

What you’ll do:

• Perform vendor security assessments in order to minimize risk from third-party services
• Maintain and improve vendor security program while working closely with Security, Legal, IT and other internal stakeholders
• Ensure vendor security issues are identified, communicated, and remediated to an acceptable level of risk
• Interface with other teams and take a leadership role in driving vendor security initiatives
• Manage a team of contractors to deliver the vendor security assessments and have oversight over their Security assessment work
• Conduct periodic reviews of the Vendor Security program to identify areas for improvement and automation and help ensure alignment with key business risks, regulatory requirements, and industry frameworks; revise program documentation as required and communicate program changes to key stakeholders to achieve buy-in
• Drive accurate program metrics through timely updates and thorough documentation of each completed assessment and coaching team members on the same
• Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements

 

What we’re looking for:

• 5+ years experience performing vendor security risk analysis for new and existing vendors
• 3+ years of experience managing an effective Vendor Security program
• Experience designing, managing, and building security programs and best practices
• Familiarity with compliance frameworks (e.g. PCI, GDPR, SOC2, ISO27001)
• Good understanding of various security domains
• Strong sense of ownership and comfortable with autonomy and ambiguity
• Great communicator who is comfortable leading meetings and audit type interviews with vendors
• Bachelors level degree in Computer Science or cognitive discipline, or equivalent cyber security industry experience.

 

In-Office Requirement Statement:

• We let the type of work you do guide the collaboration style. That means we're not always working in an office, but we continue to gather for key moments of collaboration and connection.
  
• This role will need to be in the office for in-person collaboration 1-2 times every 6-months, and therefore can be situated anywhere in the country.

 

Relocation Statement:

• This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.

 

#LI-HYBRID

#LI-AH2

At Pinterest we believe the workplace should be equitable, inclusive, and inspiring for every employee. In an effort to provide greater transparency, we are sharing the base salary range for this position. The position is also eligible for equity. Final salary is based on a number of factors including location, travel, relevant prior experience, or particular skills and expertise.

Information regarding the culture at Pinterest and benefits available for this position can be found here.

US based applicants only$149,600—$308,000 USD

Our Commitment to Diversity:

Pinterest is an equal opportunity employer and makes employment decisions on the basis of merit. We want to have the best qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, national origin, religion or religious creed, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, age, marital status, status as a protected veteran, physical or mental disability, medical condition, genetic information or characteristics (or those of a family member) or any other consideration made unlawful by applicable federal, state or local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a medical or religious accommodation during the job application process, please complete this form for support. Apply