Risk Manager, Trust and Security

About The Position

Requirements

• 5+ years of experience in security risk management, security governance, or a closely related role within cloud or SaaS environments.
• Hands-on experience building or operating risk registers and assessment processes (including scoring, prioritization, and risk treatment tracking), and working with security findings from tools such as vulnerability scanners, cloud security posture tools, and penetration tests.
• Strong understanding of cloud security concepts and risks, ideally including Microsoft Azure and modern identity platforms (e.g., Microsoft Entra); ability to translate technical security findings into clear business impact for senior stakeholders.
• Proven analytical and problem-solving skills, proficiency with workflow tools like Jira, and success collaborating with engineering, SRE, security, and distributed teams in multi-tenant environments

Nice To Haves

• Experience partnering with a central or corporate security team (e.g., GIS) in a multi‑business‑unit organization
• Experience preparing executive‑level or C‑suite risk reporting and presentations
• Familiarity with common risk frameworks (e.g., ISO 27005, NIST SP 800‑30, FAIR)
• Exposure to event‑driven cloud architectures and modern SaaS platforms
• Relevant security, cloud, or risk certifications

Responsibilities

• Build and operate a formal security risk management process for Veeam Data Cloud, including risk identification, assessment, prioritization, and tracking
• Own and maintain the VDC Security risk register, ensuring risks are clearly defined, consistently scored, and mapped to underlying evidence (e.g., Jira issues, penetration test reports, vulnerability scans, cloud configuration findings)
• Define and apply a consistent methodology for likelihood and impact, translating technical issues into business‑relevant risk ratings and treatment recommendations
• Aggregate and normalize findings from multiple sources (cloud security tools, penetration tests, audits, engineering reviews) into coherent risks and mitigation initiatives
• Partner with engineering, SRE, and security teams to convert high‑priority risks into actionable work items and projects, and track remediation progress over time
• Collaborate with GIS to align VDC’s risk taxonomy, thresholds, and reporting with enterprise security and compliance requirements
• Prepare and support quarterly executive risk reporting for the VP of VDC Engineering, the CTO, and the President of VDC, highlighting top risks, trends, and progress on mitigation
• Provide risk insights and data to support roadmap planning, investment decisions, and risk acceptance discussions
• Continuously evaluate and improve the effectiveness of risk processes, metrics, and tooling to ensure that VDC’s security investments deliver measurable risk reduction

Benefits

• Unlimited paid time off, 12 paid holidays, plus 4 extra global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares
• Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
• Medical, dental, and vision coverage starting on your first day
• Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program
• 401(k) retirement plan with company matching contributions
• Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time
• AirVet: 24/7 virtual veterinary care at no cost
• Legal services, identity protection, and supplemental health insurance options
• Tax-advantaged spending accounts for healthcare, dependent care, and commuting
• Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning