Job details

Risk Analyst

We believe it takes great people to create a great product. That’s why our team lives our company values, and we hire based on them, too. Since 2010, Pipedrive has been on a mission to support sales and marketing teams with easy-to-use, powerful tools that make everyday work faster and easier. Today, our cloud-based software is trusted by over 100,000 companies and used in 179 countries. We have grown from a five-person team to a truly international company of over 850+ people, representing more than 50 nationalities, with ten offices distributed across Europe and the US. In 2020, Pipedrive received a majority investment from Vista Equity Partners, a global investment firm that invests exclusively in enterprise software, data, and technology-enabled businesses, making Pipedrive the fifth unicorn from Estonia.

The risk analyst is a dual-role position that combines the responsibilities of a security incident manager and a generalist role covering Information Security initiatives, including security awareness and training. This role will be integral in managing security incidents while also supporting various InfoSec activities across the organisation.

If you are someone who will take a proactive approach to identifying and mitigating security risks, enhancing employee awareness, and ensuring the organisation’s compliance with security policies and standards, we'd love to meet you!

The position requires participation in a rotating on-call schedule for incident management to ensure continuous coverage for critical security events.

Your new adventure:

Act as an on-call Security Incident Manager (IM), responsible for managing and coordinating responses to security incidents
Participate in a rotating on-call schedule and handovers between incident managers
Provide clear and timely communication during incidents to all stakeholders, ensuring transparency and coordination across teams
Lead post-incident analysis to identify root causes, develop mitigation strategies, and report on incident lessons learned
Develop and improve incident management playbooks and processes to ensure efficient and repeatable workflows
Monitor and respond to evolving security threats and trends, ensuring appropriate preventive measures are in place
Drive the design and implementation of an overall InfoSec awareness program
Analyze patterns from security incidents and vulnerabilities to identify potential risks and recommend proactive measures
Provide risk assessments and data-driven insights to support leadership in making informed security-related decisions
Track and report on key security performance indicators (KPIs) related to both incident management and awareness programs
Ensure alignment with regulatory requirements (ISO27001, SOC2 Type 2) and compliance standards by developing training and mitigation strategies for identified risks

Does this sound like you?

Bachelor’s degree in a STEM field (Science, Technology, Engineering, or Mathematics), Cybersecurity or Information Security
2+ years of experience in security incident management, incident response, or a similar role in information security
Familiarity with security frameworks (e.g., SOC2, ISO 27001) and incident management protocols
Excellent written and verbal communication skills
Ability to engage with technical and non-technical audiences
Strong interpersonal skills
Ability to handle high-pressure situations, provide effective communication, and collaborate with cross-functional teams
Proactive and adaptable, with the ability to balance multiple responsibilities and manage time effectively
Experience in security awareness program management, with a focus on training, phishing campaigns, and program development is a plus

Why Pipedrive:

A value-driven work environment where people come first
A lively bunch of colleagues from over 50 different countries, with offices in Tallinn, Tartu, Lisbon, Prague, London, Dublin, New York, Florida, Riga and Berlin
A team serious about getting things done while not taking ourselves too seriously
A world-class working environment full of perks like parties, craft workshops, snacks and, of course, office dogs
Flexible working hours as long as you’re there for your team members
Freedom to execute your ideas with a passionate and motivated team supporting you
Lots of room for personal and career development, with internal and external training opportunities
Competitive salary and bonus system and all the benefits you’d expect from a great employer (health and accident insurance, health days, a quarterly contribution to sports, in-house coaches, employee discounts and more)

Based on this role's access to certain data, Pipedrive might conduct a pre-employment background investigation in conjunction with your application for employment with our company. Such data will be handled in accordance with Pipedrive's Privacy Policy for Recruitment.

Pipedrive is an equal opportunity employer. We encourage diversity in the workplace regardless of age, gender, race, religion, disability, sexual orientation, gender identity or veteran status.

#LI-Hybrid #LI-LR2

We are looking for a Risk Analyst to join our team in Tallinn.

Pipedrive Glassdoor Company Review

3.6

Pipedrive DE&I Review

No rating

CEO of Pipedrive

Dominic Allon

Approve of CEO

Average salary estimate

$60000 / YEARLY (est.)

min

max

$50000K

$70000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Risk Analyst, Pipedrive

If you're ready to dive into the world of Information Security, then the Risk Analyst position at Pipedrive in Tallinn is the adventure you've been waiting for! At Pipedrive, we believe that great people create great products, and we are on a mission to support sales and marketing teams worldwide with powerful, user-friendly tools. As a Risk Analyst, you will play a crucial role in safeguarding our systems while managing security incidents and contributing to our broader InfoSec initiatives. You'll wear two hats—acting as a Security Incident Manager, coordinating responses to security incidents, and engaging in tasks like refining our security awareness programs and developing training strategies. This isn't just a job; it's a chance to proactively identify risks, enhance employee awareness, and ensure compliance with industry regulations. You'll collaborate with a vibrant, multinational team, engage with various departments, and handle fast-paced situations with professionalism. The position requires you to be on call during certain rotations, but don’t worry—we ensure significant support to help you succeed. If you have a STEM degree and a couple of years of relevant experience, along with a knack for clear communication and collaboration, you might just be a perfect fit for Pipedrive. Together, let’s make a positive impact on our organizational security and bring peace of mind to our amazing team of over 850 people in beautiful Tallinn!

Frequently Asked Questions (FAQs) for Risk Analyst Role at Pipedrive

What are the main responsibilities of a Risk Analyst at Pipedrive?

As a Risk Analyst at Pipedrive, your main responsibilities include acting as an on-call Security Incident Manager, coordinating responses during security incidents, and supporting various Information Security initiatives. You'll develop Incident Management playbooks, lead post-incident analysis, and create awareness programs to ensure employee compliance with security standards.