Responsible for maturing operational risk and business continuity capabilities, conducting risk assessments, collaborating across teams, and supporting risk evaluation processes.
Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.
Why join Coupa?
🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other.
Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa.
The Impact of a Sr. Security & Risk Analyst – Operational Risk & BCDR at Coupa:
The Sr. Security & Risk Analyst is a professional-level contributor responsible for maturing Coupa’s operational risk, product risk, and business continuity capabilities. This role provides expert-level analysis, coordination, and risk evaluation across technology, product, AI, security, and operational domains.
As a P-level contributor, this analyst independently drives risk assessments, partners cross-functionally to analyze complex systems, influences risk decisions, and ensures that risk and resilience processes operate predictably and consistently. This role requires strong technical understanding, analytical depth, and the ability to turn complex information into actionable recommendations for leadership.
What You'll Do:
- Manage the Operational Risk Register, including intake, scoring, validation, remediation tracking, and monthly reporting.
- Conduct deep-dive risk assessments across cybersecurity, product, cloud, data governance, infrastructure, and business operations.
- Lead SME risk-scoring discussions and partner with risk owners to monitor residual risk, mitigation progress, and emerging trends.
- Perform detailed security and risk evaluations for product features, architecture changes, AI/ML models, and system integrations, delivering clear risk review reports.
- Collaborate with Product, Engineering, AI, Security, Privacy, and Legal to embed risk early and enhance assessment criteria, tools, and processes.
- Support and mature the Third Party Risk and BCDR program by coordinating BIAs, facilitating exercises/tests, documenting results, and maintaining core continuity and recovery plans.
What You Will Bring to Coupa:
- 3–6 years of experience in security risk management, product risk, GRC, cybersecurity, business continuity, or audit.
- Strong understanding of cloud technologies (AWS preferred), SaaS environments, and modern product/solution architectures.
- Hands-on experience conducting technical risk assessments across security, privacy, compliance, architecture, and/or cloud domains.
- Working knowledge of the Third Party Risk and BCDR practices, including BIAs, recovery strategies, testing, and operational resilience principles.
- Familiarity with industry frameworks such as NIST CSF, ISO 27001/27701, SOC 2, PCI DSS, or comparable standards.
- Excellent analytical and written communication skills, with the ability to clearly convey complex risks and engage effectively with senior engineers, architects, and product leaders.
Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees.
Please be advised that inquiries or resumes from recruiters will not be accepted.
By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
Top Skills
AWS
Iso 27001
Iso 27701
Nist Csf
Pci Dss
Soc 2
Coupa Hyderabad, Telangana, IND Office
Coupa Hyderabad office Office
1st Floor, Orwell Block, Hyderabad, Salapuria Sattva, Knowledge City, India
What you need to know about the Hyderabad Tech Scene
Because of its proximity to leading research institutions and a government committed to the city's growth, Hyderabad's tech scene is booming. With plans to establish India's first "AI city," the city is on track to become one of the world's most anticipated tech hubs, with companies like TransUnion, Schrödinger and Freshworks, among others, already calling the city home.
