Senior Information Security Analyst

November 2

Apply Now

Receive Emails with Similar Jobs

Bonterra

WebsiteLinkedInAll Job Openings

1001 - 5000

Description

• Prepares for and facilitates examinations by qualified security assessors for frameworks such as SOC, ISO 27001, and PCI-DSS. • Works closely with other members of the Information Security, Risk, & Compliance team. • Gathers and synthesizes data; presents conclusions; and offers risk mitigation, remediation and process improvement solutions to management. • Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner. • Identifies potential business risks, operational and regulatory process deficiencies and improvement opportunities. • Communicates risk findings and recommendations that are clear and actionable to all stakeholders. • Performs technical risk assessments of third party suppliers' security and privacy controls. • Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities. • Assists in the initial triage of compliance, risk and security requests in the ticket management system to ensure efficiency and prioritization. • Assists in maintaining our overall security awareness, role-based security trainings and phishing simulation programs across the enterprise. • Assists in conducting user activity audits where required.

Requirements

• 6+ years’ experience performing risk and compliance activities or open to less years with addition of relevant course work/degrees • Experience managing multiple priorities independently and in a team environment to achieve goals. • Excellent organizational, planning and time management skills. • Excellent research and analytical skills. • Excellent verbal and written communication skills. • Ability to exercise good judgement and tact in dealing with Bonterra senior management. • Proficient with technology and ability to learn our software systems, including GRC, ticketing and project management software and workflows. • Proven track record of proactively identifying needs and implementing solutions. • May hold one or more information systems security professional certifications (CRISC, CISA, CISSP, CISM, GSEC, GCFA, GCTI, CCSP, or other relevant Information Security certifications).

Benefits

• Generous Flexible Time Off (FTO) Policy • Up to 15 paid company holidays including some commemorating social justice events and self-care • Paid volunteer time • Resources for savings and investments • Paid parental leave • Paid sick leave • Health, vision, dental, and life insurance with additional access to health and wellness programs. • Opportunities to learn, develop, network, and connect