Vendor Security Lead
About Pinterest:
Millions of people across the world come to Pinterest to find new ideas every day. It’s where they get inspiration, dream about new possibilities and plan for what matters most. Our mission is to help those people find their inspiration and create a life they love. In your role, you’ll be challenged to take on work that upholds this mission and pushes Pinterest forward. You’ll grow as a person and leader in your field, all the while helping Pinners make their lives better in the positive corner of the internet.
Our new progressive work model is called PinFlex, a term that’s uniquely Pinterest to describe our flexible approach to living and working. Visit our PinFlex landing page to learn more.
Pinterest’s Security team (Pinfosec) is seeking an experienced program manager to drive vendor and third-party security initiatives to keep our users, employees, and infrastructure safe from third-party risk. You will have the opportunity to lead and improve our vendor security program and provide meaningful impact in minimizing risk for Pinterest. You’re passionate about security innovation, and able to vet third-party solutions while minimizing employee friction and maximizing productivity. This role will report to the Manager of Security Governance, Risk and Compliance. The Pinfosec team sits under the Engineering function. This role does not require any coding experience, though we are happy to consider candidates with that background. This is not a people manager role, although experience of managing contractors is helpful. This is not a Third Party Risk Management role, it is a Security specific role and experience assessing the Security posture of vendors is a prerequisite. If you have experience in broader Third Party Risk Management as well as Security then we welcome your application.
What you'll do:
- Perform vendor security assessments in order to minimize risk from third-party services
- Maintain and improve vendor security program while working closely with Security, Legal, IT and other internal stakeholders
- Ensure vendor security issues are identified, communicated, and remediated to an acceptable level of risk
- Interface with other teams and take a leadership role in driving vendor security initiatives
What we're looking for:
- 4+ years experience performing vendor security risk analysis for new and existing vendors
- 2+ years of experience managing an effective Vendor Security program
- Experience designing, managing, and building security programs and best practices
- Familiarity with compliance frameworks (e.g. PCI, GDPR, SOC2, ISO27001)
- Good understanding of various security domains
- Strong sense of ownership and comfortable with autonomy and ambiguity
- Great communicator who is comfortable leading meetings and audit type interviews with vendors
#LI-REMOTE
#LI-GB2
Our Commitment to Diversity:
At Pinterest, our mission is to bring everyone the inspiration to create a life they love—and that includes our employees. We’re taking on the most exciting challenges of our working lives, and we succeed with a team that represents an inclusive and diverse set of identities and backgrounds.
Pinterest is a visual discovery platform that empowers users to find and share creative ideas, allowing them to dream up new possibilities and plan lasting memories. It's designed for anyone seeking inspiration, from DIY enthusiasts to event planners, making it a hub for innovation and unique experiences.
- Founded
- Founded 2010
- Employees
- 500+ employees
- Industry
- Internet Software & Services
- Total raised
- $1.3B raised