Who are we?
Equinix is the world’s digital infrastructure company®, operating over 250 data centers across the globe. Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with agility, speed the launch of digital services, deliver world-class experiences and multiply their value, while supporting their sustainability goals.
Our culture is based on collaboration and the growth and development of our teams. We hire hardworking people who thrive on solving challenging problems and give them opportunities to hone new skills and try new approaches, as we grow our product portfolio with new software and network architecture solutions. We embrace diversity in thought and contribution and are committed to providing an equitable work environment that is foundational to our core values as a company and is vital to our success.
Integrated Risk Engineer (FAIR)
Job Description
The Integrated Risk Engineer is a measurement specialist who directly contributes to the operationalizing of risk management processes to enable a continuous and unified view of information risk across the entire enterprise attack surface. This role is tailored for an individual contributor who will work with a group of dedicated risk engineers collectively providing valuable input to the Integrated Risk Program Senior Manager. The individual filling this role is one who demonstrates the ability to deliberately think through complex technical and business issues to solve measurement problems. This individual should be prepared to articulate risk issues regularly and clearly among widespread audiences with varying levels of experience and understanding of risk concepts.
Responsibilities
As a champion for the promotion of more formal measurement methods to enable better informed strategic, tactical, and operational decision making
As a leader of scalable initiatives that normalize, implement, and operationalize quantitative risk analysis methods supporting IT organizations, regional business functions, and revenue generating product lines
As a sponsor of an RMaaS offering providing services that enable risk to be explicitly managed at an acceptable level
As an analyst incorporating the outside and inside view to estimate risk factors and employ Monte Carlo modelling to accurately forecast risk
As a designer demonstrating effective risk visualization techniques that allow decision makers to evaluate alternatives in well-designed choice environments
As a controls expert with the ability to translate the effectiveness of controls to risk in the context of how it directly effects business loss
As a team member performing quality assurance of your own and fellow analyst output, including the evaluation of data quality, measurement validation, and inspection of results
As a mature communicator of risk analysis purpose, scope, approach, and results to decision makers and other invested stakeholders
As an innovator enhancing the measurement of control efficacy and risk-reduction value of security controls
As a metrics expert developing and operationalizing Key Risk Indicators and Key Performance Indicators that are actively being used to inform decision making
As a coordinator of data-gathering initiatives to improve the precision of risk modelling and reliability of the results
As a consultant providing training, advisement, and direct support to partners seeking to implement quantitative methods to measure and manage risk
As a contributor committed to testing new functionality in our current risk analysis toolset and providing feedback to be utilized in solution development
As an integral part of the building and adoption of a unified Enterprise Risk Management approach aligning with the three lines model to accelerate risk-based decision making at scale
As a professional carrying out the processes defined by the Information Risk Management Framework within an automated decision support platform
Qualifications
3 or more years of experience as an individual contributor practically using quantitative modeling techniques
Strong practical application of critical thinking and analytical skills to complex business problems.
A “fail fast” mindset and strong understanding of the impact of opportunity costs
Capability to triage and balance multiple tasks and competing priorities
Extensive practical experience using the Open Group Standards Risk Analysis (O-RA) and Risk Taxonomy (O-RT)
Advanced security and risk literacy that enables effective communication channels with security teams and business partners
Experience with one or more of the following controls frameworks, standards organizations, and/or regulations: FAIR-CAM, ISO, NIST CSF, NIST 800-53, PCI-DSS, CUI/CMMC, CIS, SOX
Prior work experience in any of the following areas: Pentest/Red Teaming, Vulnerability Management, Threat Modelling, IT Audit, Software Development and Security, Network Architecture and Security, Security Operations, Incident Response, Security Architecture and Engineering, Vulnerability Management, Threat Modeling, Third-Party Risk Management, Enterprise Risk Management
One or more of the following industry-recognized certifications: CRISC, Open FAIR, CRMP, CISSP, CISM, CISA
An undergraduate degree in the domains of IT, Security, Risk, or Economics
Experience using security telemetry data to automate the calculation of risk
Experience quantifying operational and strategic risks outside of IT and Information Security
Extensive experience with using an automated decision support platform to implement advanced risk management workflows
Experience generating reports and dashboards to visualize data with PowerBI
A Graduate degree in the domains of IT, Security, Risk, Psychology, Marketing, or Economics
Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.
Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.
The United States targeted pay range for this position in the following location is / locations are:
• San Francisco, CA / Bay Area: $128,000 to $211,000 per year
• California (Non-SF/Bay Area), Connecticut, Maryland, New York, New Jersey, Washington state: $119,000 to $196,000 per year
• Colorado, Nevada, Rhode Island: $108,000 to $178,000 per year
Our pay ranges reflect the minimum and maximum target for new hire pay for the full-time position determined by role, level, and location. Individual pay is based on additional factors including job-related skills, experience, and relevant education and/or training.
This position may be offered in other locations. Your recruiter can share more about the specific pay range for your preferred location during the hiring process.
The targeted pay range listed reflects the base pay only and does not include bonus, equity, or benefits. Employees are eligible for bonus, and equity may be offered depending on the position.
As an employee, you become important to Equinix’s success. Details about our company benefits can be found at the following link:
USA Benefits eBookEquinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.