Seeking a Security Analyst responsible auditing security controls, assessing security risks from third-party vendors, and ensuring vendor compliance with security standards to protect sensitive data and systems.
Key Responsibilities:
- Security Controls Auditing: Collaborate with the IT team to audit security controls, collect evidence, test effectiveness, and document compliance and necessary remediation.
- Third-Party Assessments: Coordinate with external auditors to validate control effectiveness and work with the engineering team to implement corrective actions.
- Vendor Management: Oversee the vendor management process, assess vendor security risks, ensure security clauses in contracts, monitor compliance, and coordinate incident response.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience/certification).
- 1-2 years of experience in IT or information security.
- Experience with vendor management and security tools (firewalls, MFA, endpoint protection).
- Familiarity with security frameworks (e.g., NIST, ISO 27001).
- Security+ certification (or willingness to pursue).
- Strong analytical, communication, and teamwork skills.