Job Description
The Information Security Risk & Compliance Analyst is responsible for overseeing and managing cyber controls and various information security risk and compliance activities. This role involves performing third-party security vendor diligence, collaborating with internal and external stakeholders to conduct assessments, and identifying cyber risks.
* Monitor and manage cyber controls and other information security risk and compliance deliverables.
* Conduct third-party security vendor diligence with confidence.
* Liaise with internal and external business stakeholders to perform assessments and identify cyber risks.
* Collaborate closely with compliance, technology teams, and the wider business to manage and mitigate cybersecurity and technology risks.
* Maintain and improve the Information Security Management System (ISMS), policies, standards, and processes.
Must Haves -
1. Bachelor’s degree in IT, Computer Science, or related field (preferred)
2. Knowledge of regulatory requirements (e.g., GDPR, CCPA, SOX, PCI)
3. Familiarity with security controls and technologies (firewalls, IDS/IPS, vulnerability scanners, SIEM)
4. Strong analytical skills for risk identification and assessment
5. Excellent communication and interpersonal skills for stakeholder collaboration
6. Ability to work independently and manag...