Security Risk Manager

E.L.F. BEAUTY


Date: 3 weeks ago
City: Ahmedabad, Gujarat
Salary: ₹1,500,000 - ₹3,000,000 per year
Contract type: Contractor

About The Company

e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty-free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our multi-brand portfolio includes e.l.f. Cosmetics; e.l.f. SKIN; pioneering clean beauty brand Well People; Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys; and Naturium, high-performance, biocompatible, clinically-effective and accessible skincare.

In our fiscal year 25, we had net sales of $1 billion, and our business performance has been nothing short of extraordinary, with 26 consecutive quarters of net sales growth. We are the #2 mass cosmetics brand in the US and the fastest-growing mass cosmetics brand among the top 5. Our total compensation philosophy offers every full-time new hire competitive pay and benefits, bonus eligibility (200% of target over the last four fiscal years), equity, and a hybrid work environment of 3 days in the office and 2 days at home. We believe the combination of our unique culture, total compensation, workplace flexibility and care for the team is unmatched across not just beauty but any industry.

Visit our Career Page to learn more about our team: https://www.elfbeauty.com/work-with-us

Position Summary

We are seeking a highly skilled and proactive Security Risk Manager to join our growing security team. You will be responsible for assessing, monitoring, and mitigating information security risks associated with third-party vendors and service providers. This role ensures vendor relationships comply with organizational security policies, industry regulations, and best practices to protect sensitive data and systems.

Responsibilities

  • Conduct comprehensive security risk assessments internally and of third-party vendors, including cloud providers, SaaS vendors, and IT service providers
  • Evaluate internal and third-party security controls, policies, and compliance with frameworks such as NIST, ISO 27001, SOC 2, GDPR, HIPAA, and PCI-DSS
  • Perform due diligence reviews, including security questionnaires, audits, and contract reviews
  • Identify, document, and prioritize risks related to vendor access, data handling, and system integrations
  • Work with procurement and legal teams to ensure security requirements are included in vendor contracts and SLAs
  • Prepare risk reports for senior leadership, highlighting key vendor risks and mitigation strategies
  • Communicate security expectations to vendors and internal stakeholders
  • Maintain a centralized vendor risk repository with up-to-date documentation
  • Stay updated on emerging threats, regulatory changes, and industry best practices
  • Enhance vendor risk assessment processes and tools for efficiency and effectiveness
  • Cross-train team members on risk management principles
  • Actively participate in the broader corporate security efforts, including infrastructure security, end-user training, and vulnerability management


Qualifications

  • Bachelor’s degree in Information Security, Cybersecurity, Risk Management, or related field
  • 5+ years of experience in IT risk management, vendor risk assessment, or third-party security evaluations
  • Strong knowledge of security frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.)
  • Experience with vendor risk assessment tools
  • Strong GRC (Governance, Risk, and Compliance) platform knowledge
  • Familiarity with cloud security, data privacy laws, and contractual security clauses
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders


Minimum Work Experience

  • 5


Maximum Work Experience

  • 10


This job description is intended to describe the general nature and level of work being performed in this position. It also reflects the general details considered necessary to describe the principal functions of the job identified, and shall not be considered a detailed description of all the work requirements inherent in the job. It is not an exhaustive list of responsibilities, and it is subject to changes and exceptions at the supervisors’ discretion.

e.l.f. Beauty respects your privacy. Please see our Job Applicant Privacy Notice (www.elfbeauty.com/us-job-applicant-privacy-notice) for how your personal information is used and shared.
