Bonterra · 16 hours ago

Information Security Compliance Analyst

United States

Full-time

Remote

Mid, Senior Level

$75K/yr - $100K/yr

6+ years exp

Maximize your interview chances

Computer Software

Insider Connection @Bonterra

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Perform as the primary in the executing our annual Service Organization Controls (SOC) reporting initiatives, which includes several Bonterra products.

Works closely with other members of the Information Security Risk team.

Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner as part of the overall project management process.

Performs technical risk assessments of third party suppliers' security and privacy controls.

Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities.

Will be responsible the play book for reporting of high risk events that involve compliance, risk and information security.

Assists in maintaining our overall security awareness, role based security trainings and phishing simulation programs across the enterprise.

Assists in conducting user activity audits where required.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

ComplianceProject managementGRC softwareInformation security certificationsTechnical risk assessmentsVendor risk managementPhishing simulationsUser activity audits

Required

6+ years’ experience performing risk and compliance activities or open to less with a relevant degree

Project management experience.

Experience managing multiple priorities independently and in a team environment to achieve goals.

Excellent organizational, planning and time management skills.

Excellent research and analytical skills.

Excellent verbal and written communication skills.

Ability to exercise good judgement and tact in dealing with Bonterra senior management.

Proficient with technology and ability to learn our software systems, including GRC, ticketing and project management software and workflows.

Proven track record of proactively identifying needs and implementing solutions.

Preferred

May hold one or more information systems security professional certifications (CRISC, CISA, CISSP, CISM, GSEC, GCFA, GCTI, CCSP, or other relevant Information Security certifications).