Information Security Analyst evaluating cybersecurity and third-party risk for clients in regulated industries. Utilizing VRM and Cybersecurity Compliance platforms to ensure rigorous security standards.
Responsibilities
Identify and mitigate risks within third-party environments by meticulously reviewing security documentation and assessments.
Review vendor risk by evaluating security assessments and documentation; deliver actionable recommendations to strengthen client risk postures.
Conduct comprehensive vulnerability scans and penetration tests for Smarsh customers using industry-leading, off-the-shelf security tools.
Produce detailed technical reports that categorize vulnerabilities and provide actionable remediation strategies to help clients resolve security gaps.
Serve as a subject matter expert and primary point of contact, guiding clients through platform features and cybersecurity best practices via phone and email.
Manage regular client engagements, deliver high-quality due diligence reports, and contribute to the continuous improvement of Smarsh VRM team operations.
Requirements
3–5 years of professional experience specifically within Vendor Risk Management or Information Security.
Relevant industry certifications are highly desirable (e.g., CTPRP, CISA, CISM, CRISC).
Familiarity with tools such as Nessus, Metasploit, or Cobalt Strike.
Strong understanding of TCP/IP networking, server administration, and cybersecurity controls (processes, procedures, and policies).
Proficient in Salesforce CRM, Microsoft Office Suite, and MS Teams.
Ability to use AI tools to automate repetitive tasks, such as data mapping, report drafting, or initial vendor documentation reviews.
Utilize and recommend enhancements to Smarsh’s AI review tools to automate the extraction of critical data from vendor security documentation.
Proven ability to review complex security assessments for completeness and overall risk impact.
Exceptional written and verbal communication skills with a "customer-first" mindset.
Ability to manage multiple parallel workstreams and document processes accurately under tight deadlines.
A proactive, self-motivated professional capable of working independently for extended periods while maintaining high standards.
Acquisition Security Analyst at GDIT ensuring technology safety and securing advanced programs. Collaborating on program protection methodologies and conducting lifecycle analysis for critical information.
Operational Safety Analyst supporting safety management and process improvements at Gol Linhas Aéreas. Engaging in compliance and risk management with a diverse team.
Cybersecurity Analyst at EdgeUno responsible for designing and implementing security controls across platforms. Collaborates with teams to ensure secure architecture for ISP and cloud services.
Cybersecurity Analyst designing, implementing, and maintaining security controls across EdgeUno’s network and platforms in Latin America. Requires collaboration with various technical teams and security technology expertise.
Governance & Compliance Security Analyst at EdgeUno improving information security and ISO 27001 compliance. Collaborating with teams to maintain an effective Information Security Management System.
Governance & Compliance Security Analyst maintaining and improving information security governance and ISO 27001 compliance for EdgeUno's digital infrastructure in Latin America.
Cyber Security Analyst supporting design, security, and operation of a Kubernetes-based system for Maricopa County. Collaborating with IT teams and vendors to ensure security and compliance.
Cyber Security Analyst investigating cyber security incidents and enhancing response processes for a sustainable energy company. Supporting global stakeholders with security tools and functions.
Senior Security Analyst leading the handling of escalated security incidents at Landis+Gyr. Mentoring analysts and collaborating on security threat mitigation in a hybrid environment.
Information Security Analyst at Hitss conducting penetration tests and security assessments across IT infrastructures. Collaborating with teams to report and mitigate vulnerabilities.