Warsaw, Poland Hybrid Full-time PLN 22,750 – 27,250 / month

Asana is hiring a Security Risk and Compliance Lead

Responsibilities

  • Design, implement, and enhance a scalable third-party risk management (TPRM) framework based on risk tiering, assessment workflows, and governance aligned with organizational growth.
  • Conduct and supervise security evaluations for new and current vendors by analyzing SOC 2 reports, ISO 27001 certifications, security questionnaires (SIG, CAIQ), and related documentation to identify control gaps.
  • Manage follow-up actions from vendor assessments, coordinate remediation efforts with internal teams, and support formal risk acceptance decisions when necessary, ensuring timely resolution and documentation.
  • Establish and maintain a continuous monitoring strategy for high-risk vendors, including periodic reviews, breach alerts, and updates to security posture, while keeping an accurate vendor risk register.
  • Partner with Legal and Privacy teams to evaluate and negotiate security terms in vendor contracts, data processing agreements, and subprocessor arrangements to meet internal policies and regulatory requirements.
  • Create and deliver performance metrics and reports on third-party risk posture for leadership and compliance purposes, including evidence for SOC 2, ISO 27001, and customer audits.
  • Collaborate with a global team to ensure consistent vendor risk practices across regions and time zones, supporting coordinated assessments and risk decisions.

Benefits

  • Competitive, transparent, and equitable pay structure
  • Employment contract provided
  • Eligibility for 50% tax-deductible costs related to author’s rights for qualifying roles
  • Comprehensive health coverage including dental and travel insurance via Lux Med
  • Reimbursement for meals on office workdays
  • Annual budget for professional development and career advancement
  • Allowance for setting up a home office
  • Reimbursement for gym or fitness memberships
  • Access to fertility and family-building healthcare benefits through Carrot
  • Mental wellness support via Modern Health platform
  • Group life insurance coverage
  • Provision of a MacBook and essential accessories

Compensation

Generous, transparent and fair compensation system

Work Arrangement

Hybrid — Warsaw

Other

  • Position located in Warsaw with a hybrid model centered around office presence. Core in-office days are Monday, Tuesday, and Thursday. Most staff may work remotely on Wednesday. Remote work on Friday is subject to role-specific needs.
  • Employees in Poland are hired under a standard employment contract.
  • Health insurance includes dental and travel coverage through Lux Med.
  • Meals are reimbursed for days worked from the office.
  • Annual career growth budget available.
  • Budget provided for home office equipment setup.
  • Gym or fitness expense reimbursement offered.
  • Fertility and family-forming benefits accessible via Carrot.
  • Mental health resources available through Modern Health.
  • Group life insurance provided.
  • MacBooks and required peripherals are supplied.

About company

Asana

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster.

Job Details
Category security
Posted 3 days ago