107 applicants

Company

Original Job Post

Box · 2 days ago

Senior Security and Compliance Analyst

United States

Full-time

Remote

Senior Level

$84K/yr - $122K/yr

4+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Cloud ComputingEnterprise Software

H1B Sponsorship

Actively Hiring

Growth Opportunities

Insider Connection @Box

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Deliver third-party risk assessments of Box's vendors assess controls, processes, and/or systems to identify risk, develop plans to mitigate against risks, and oversee the remediation plan to completion.

Interact with vendors and internal stakeholders to gather information needed for initial and periodic security and compliance reviews, validations, and audits, and to understand the business objectives.

Review technical architecture diagrams, data flows, and system integration details of potential system changes where suppliers are involved.

Manage and administer tools for performing supplier security and compliance reviews and risk mitigation. This includes data analytics and reporting on Third Party Risk.

Respond to internal and external inquiries, security assessments, and other requests related to Third Party Risk Management.

Propose and drive strategic transformation and operational improvement to continuously improve business outcomes.

Work hard, learn a lot, and have fun!

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information-security-governanceRisk-managementComplianceAuditThird-party-risk-managementSecurity-certificationsSOCISO27001FedRAMPSaaSCloud-environmentData-analyticsTPRM-toolsBusiness-adaptabilityProblem-solvingHard-workingEffective-communicationNegotiatingHighly-organizedAttention-to-detailCISACTPRP

Required

4+ years of experience in Information Security Governance, Risk and Compliance (GRC) or Audit; and 2+ years of experience in Third Party Risk Management.

General understanding of relevant security and compliance certifications and frameworks, including SOC, ISO27001, and FedRAMP.

Experienced with SaaS/Cloud production and development environment; and have knowledge of and interest in Third Party Information Security challenges and trends, including emerging threats.

Experienced with TPRM tools and familiar with using use data analytics solutions.

Able to 'wear multiple hats' at the same time and pivot quickly based on changes in the business.

Effective at written/oral communication and negotiating. Must be highly organized and have a strong attention to detail.

Preferred

CISA or CTPRP preferred but not required.

Benefits

Healthcare benefits

Box Benefits + Perks

Company

Box

Glassdoor

4.3

Box is an online file sharing and cloud content management service offering unlimited storage, custom branding, and administrative controls.

Founded in 2005

Redwood City, California, USA

1,001-5,000 employees

http://www.box.com

H1B Sponsorship

Box has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (42)

2022 (88)

2021 (118)

2020 (109)