Back to Job Search

Third Party Security Analyst

  • Location: San Francisco, California, 94111
  • Job Type:Contract

Posted 17 days ago

Title: Third Party Security Analyst

Location: Remote - US

Type: Contract

 

Primary Activities:

  • Operations support - 70-80% of time
    • Primary operations:
      • Lead security response to Vendor lead RFIs (Due diligence questionnaires)
      • Sourcing from internal control narratives, technical architecture documentation and policies and procedures
      • Sourcing from approved supporting evidence documents: SOC-2, Pen test, Policies, (some of these may need to be redacted)
      • Ensure content is up to date with help from subject matter experts

Secondary operations:

  • Vendor Due Diligence Assessments - via our Vendor Risk Management Platform
    • Project support - 30%
    • Improvements with Risk Methodology - via Process Improvement
      • Identify areas for improvement with internal security narratives across different security products

Third Party Security Analyst Profile:

Minimum:

  • 3+ years experience working in a security GRC role with a preference for Security Compliance
  • Deep exposure to security controls frameworks: NIST 800-53, CIS Top 20
  • Some exposure to 3rd Party Security

Preferred:

  • Experience developing customer facing artefacts including security white papers
  • Experience with Cloud Security: AWS, GCP, Azure