Security and Compliance Manager (Third Party Risk)

Job Description

Box is seeking a Security and Compliance Manager to join their Third Party Risk Management (TPRM) team in Warsaw, Poland. This role is crucial for ensuring the security and compliance of Box's suppliers. The Risk Manager will conduct third-party risk assessments, collaborate with stakeholders, and drive strategic initiatives to enhance the team's impact.Responsibilities:

• Deliver third-party risk assessments of Box's suppliers.
• Interact with suppliers and internal stakeholders.
• Manage and administer tools for supplier security and compliance reviews.
• Drive initiatives for strategic transformation and operational improvement.
• Play a role in developing and fostering the Box culture in our growing office.
• Represent Box Poland internally and externally.

Requirements:

• 4+ years of experience in Information Security, GRC, or Audit.
• Experience in Third Party Risk Management is preferred.
• Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field.
• Knowledge of security and compliance certifications and frameworks (SOC 2, ISO27001, NIST, PCI).
• Experience solving complex, systemic issues.
• Proficient in English.
• Strong communication and organizational skills.

What Box offers:

• Opportunity to work in a fast-moving SaaS company.
• Chance to drive AI adoption and design new processes.
• Strategic transformation and operational improvement initiatives.
• Benefits and perks offered at Box.
• In-person collaboration being a core part of our culture.