Information Security Risk Analyst

January 29

Apply Now

Receive Emails with Similar Jobs

Bonterra

WebsiteLinkedInAll Job Openings

Bonterra is a company that provides purpose-built software solutions designed to enhance the impact and efficiency of nonprofits, corporations, foundations, and public agencies. Their products include tools for corporate social responsibility, strategic philanthropy, employee engagement, grants management, case management, and fundraising. Bonterra empowers organizations with the software, coaching, and expertise needed to maximize their social impact and streamline their operations. The company focuses on serving changemakers aiming to improve social good, expand their supporter base, and achieve greater community outcomes.

1001 - 5000 employees

🤝 B2B

🤝 Non-profit

🌍 Social Impact

📋 Description

• Works closely with other members of the Information Security, Risk, & Compliance team. • Gathers and synthesizes data; presents conclusions; and offers risk mitigation, remediation and process improvement solutions to management. • Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner. • Identifies potential business risks, operational and regulatory process deficiencies and improvement opportunities. • Communicates information security risk findings and recommendations that are clear and actionable to all stakeholders. • Performs technical risk assessments of third party suppliers' security and privacy controls. • Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities. • Assists in the initial triage of compliance, risk and security requests in the ticket management system to ensure efficiency and prioritization. • Assists in maintaining our overall security awareness, role-based security trainings and phishing simulation programs across the enterprise. • Assists in conducting user activity audits where required.

🎯 Requirements

• 3-4 years’ experience performing information security risk and compliance activities or open to fewer years with addition of relevant course work/degrees • Experience managing multiple priorities independently and in a team environment to achieve goals. • Excellent organizational, planning and time management skills. • Excellent research and analytical skills. • Excellent verbal and written communication skills. • Ability to exercise good judgement and tact in dealing with Bonterra senior management. • Ability analyze, classify, and assist in the creation of a response to cybersecurity risks. • Knowledge of and/or experience with designing, implementing, and supporting security controls related to vulnerability management, data encryption, data loss prevention, SIEM, intrusion prevention, anti-virus, and others for compliance with NIST, ISO, SOX, AICPA or PCI DSS standards. • Proficient with technology and ability to learn our software systems, including GRC, ticketing and project management software and workflows. • Proven track record of proactively identifying needs and implementing solutions.

🏖️ Benefits

• Generous Flexible Time Off (FTO) Policy • Up to 15 paid company holidays including some commemorating social justice events and self-care • Paid volunteer time • Resources for savings and investments • Paid parental leave • Paid sick leave • Health, vision, dental, and life insurance with additional access to health and wellness programs. • Opportunities to learn, develop, network, and connect