What You'll Do Avalara is looking for a security risk specialist to join our team reporting to the Senior Manager, Governance Risk & Compliance. We are looking for the ability to conduct risk analysis at a systemic level, working with engineers and architects as they develop Avalara’s next-generation services. You understand technical controls and be able to analyze application / product security within Avalara, including internal processes and reporting, and risks identified through code and design reviews of both internal and customer-facing software products and solutions. You will report to Senior Manager. What Your Responsibilities Will Be You will perform comprehensive risk assessments aligned with Avalara’s risk management framework and develop applicable remediation plans. You will analyze and identify risks across technical environments, with a focus on application design, software architecture, and security tooling configurations. Guide the identification, management, and mitigation of risks within security infrastructure and technical control implementations. Collaborate with teams, including system owners, developers, and architects, to integrate risk management practices into the development lifecycle. Ensure risk and compliance controls are accomplished across teams and within defined Service level agreements. Coordinate the documentation and migration of control information into Avalara’s GRC platform. What You'll Need to be Successful Bachelor’s degree in Information Technology, Computer Science, or equivalent experience. 3+ years of experience in IT Audit, IT Security, or IT Risk Management. Experience conducting systemic risk analysis in, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST. Experience with application security principles, including the ability to assess risk through code and design review processes. #LI-Onsite How We'll Take Care of You Total Rewards In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses. Health & Wellness Benefits vary by location but generally include private medical, life, and disability insurance. Inclusive culture and diversity Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship. What You Need To Know About Avalara We’re Avalara. We’re defining the relationship between tax and tech. We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year, and this year we became a billion-dollar business. Our growth is real, and we’re not slowing down until we’ve achieved our mission - to be part of every transaction in the world. We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them. We’ve been different from day one. Join us, and your career will be too. We’re An Equal Opportunity Employer Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.