https://bayt.page.link/R9p7fP1aq9V7jkJQ8
Create a job alert for similar positions

Job Description

About the Team:
As a member of our Information security team, you will join a fast-paced and well-rounded security team. You’ll work in a cutting-edge cloud environment that powers our company’s impressive growth. Last year our platform sent over 1 billion messages, helping customers navigate critical communications during significant man-made events and natural disasters. If you are looking to make a difference with your work, and help our customers prioritize safety, then we would love for you to join our team. 

What you'll do:


  • Support the Security & Compliance team in delivering vendor risk management services across the organization.
  • Well-versed in performing vendor risk assessments and managing overall vendor portfolio in a GRC platform.
  • Perform vendor risk assessments for new and existing vendors.  
  • Responsible for reviewing questionnaires and evidence as part of performing vendor risk assessments.
  • Knowledge of partnering with Legal and Privacy on an ongoing basis in the review of information security contractual requirements.
  • Knowledge of Cloud computing and how to assess Cloud-related risks (SaaS, PaaS, IaaS).
  • Knowledge of the overall Procurement process and understanding of Information Security’s role in the process.
  • Design and update vendor risk management procedural documentation as needed.  
  • Perform vendor compliance risk tracking, trending, analysis, and executive reporting.
  • Develop and analyze Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
  • Support integration or improvements of GRC tooling into existing policy, process, workflows, and procedures as necessary to improve efficiency and mitigate risk.
  • Keep abreast of the latest security, privacy, business continuity, regulatory concerns, and best practices impacting third-party risk management.

What you'll bring:


  • 7+ years of experience as a Security Risk Analyst/Consultant
  • Proficient verbal and written communication skills
  • Prior experience conducting audits
  • Knowledgeable of information security standards and regulations (e.g. FedRAMP, NIST, ISO 27001, SOC 2/SSAE18)
  • One or more of the following certifications: CISA, CRISC, CISM, CISSP
  • Prior experience with GRC tools like StandardFusion, Archer etc.

You have reached your limit of 15 Job Alerts. To create a new Job Alert, delete one of your existing Job Alerts first.
Similar jobs alert created successfully. You can manage alerts in settings.
Similar jobs alert disabled successfully. You can manage alerts in settings.