Seeking a Security Analyst responsible auditing security controls, assessing security risks from third-party vendors, and ensuring vendor compliance with security standards to protect sensitive data and systems.
Key Responsibilities:
Security Controls Auditing: Collaborate with the IT team to audit security controls, collect evidence, test effectiveness, and document compliance and necessary remediation.
Third-Party Assessments: Coordinate with external auditors to validate control effectiveness and work with the engineering team to implement corrective actions.
Vendor Management: Oversee the vendor management process, assess vendor security risks, ensure security clauses in contracts, monitor compliance, and coordinate incident response.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience/certification).
1-2 years of experience in IT or information security.
Experience with vendor management and security tools (firewalls, MFA, endpoint protection).
Familiarity with security frameworks (e.g., NIST, ISO 27001).
Security+ certification (or willingness to pursue).
Strong analytical, communication, and teamwork skills.