Box · 2 days ago
Senior Security and Compliance Analyst
Wonder how qualified you are to the job?
Cloud ComputingEnterprise Software
Insider Connection @Box
Responsibilities
Deliver third-party risk assessments of Box's vendors assess controls, processes, and/or systems to identify risk, develop plans to mitigate against risks, and oversee the remediation plan to completion.
Interact with vendors and internal stakeholders to gather information needed for initial and periodic security and compliance reviews, validations, and audits, and to understand the business objectives.
Review technical architecture diagrams, data flows, and system integration details of potential system changes where suppliers are involved.
Manage and administer tools for performing supplier security and compliance reviews and risk mitigation. This includes data analytics and reporting on Third Party Risk.
Respond to internal and external inquiries, security assessments, and other requests related to Third Party Risk Management.
Propose and drive strategic transformation and operational improvement to continuously improve business outcomes.
Work hard, learn a lot, and have fun!
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
4+ years of experience in Information Security Governance, Risk and Compliance (GRC) or Audit; and 2+ years of experience in Third Party Risk Management.
General understanding of relevant security and compliance certifications and frameworks, including SOC, ISO27001, and FedRAMP.
Experienced with SaaS/Cloud production and development environment; and have knowledge of and interest in Third Party Information Security challenges and trends, including emerging threats.
Experienced with TPRM tools and familiar with using use data analytics solutions.
Able to 'wear multiple hats' at the same time and pivot quickly based on changes in the business.
Effective at written/oral communication and negotiating. Must be highly organized and have a strong attention to detail.
Preferred
CISA or CTPRP preferred but not required.
Benefits
Healthcare benefits
Box Benefits + Perks
Company
Box
Box is an online file sharing and cloud content management service offering unlimited storage, custom branding, and administrative controls.
H1B Sponsorship
Box has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (42)
2022 (88)
2021 (118)
2020 (109)
Funding
Current Stage
Public CompanyTotal Funding
$1.06BKey Investors
Kohlberg Kravis RobertsFuture FiftyGeneral Atlantic
2021-04-08Post Ipo Equity· $500M
2015-01-23IPO· nyse:BOX
2014-07-01Series G· $150M
Recent News
2024-06-04
2024-05-29
Company data provided by crunchbase