Information Security Analyst I

$85,000 - $105,000/Yr

Smarsh - Pleasanton, CA

posted 4 months ago

Full-time - Entry Level
Pleasanton, CA
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

Smarsh takes security very seriously. The Information Security Analyst I works with teams to design, deploy, and maintain secure software and business processes. The work includes partnering with a variety of business units to establish repeatable risk management processes and policies in alignment with appropriate industry standards. The role works with external auditors and customers to assess and demonstrate the effectiveness of controls and to re-design controls where necessary to achieve our goals. In this position, you will conduct due diligence and respond to RFP security questionnaires, ensuring annual response quality certification. You will gain proficiency in Smarsh products knowledge for compliance evidence and audits. Additionally, you will support the InfoSec GRC leader in developing the ISO27001 program strategy, charter, and ISMS Manual. Your responsibilities will also include supporting technical risk reporting based on monitoring internal and external vulnerabilities, ensuring timely resolution, and creating vulnerability assessment reports. You will test and manage vendor risk assessment tools and processes, contribute to establishing an Information Security Policy program for ISO27001 ISMS audits, and assist in developing an ISMS reporting dashboard for the council. Furthermore, you will support the launch of firm-wide cybersecurity awareness training and report on completion metrics. Lastly, you will help support the Smarsh Business Continuity Charter, Strategy, Program, and Test planning across products and Corp IT, while developing performance metrics and a Risk reporting dashboard.

Responsibilities

  • Conduct Due Diligence / RFP Security Questionnaire Response and annual response quality certification.
  • Gain proficiency in Smarsh products knowledge for compliance evidence and audits.
  • Support InfoSec GRC leader to develop the ISO27001 program strategy, charter, and ISMS Manual.
  • Support technical risk reporting based on monitoring internal and external vulnerabilities, ensuring timely resolution, and creating vulnerability assessment reports.
  • Test and manage vendor risk assessment tools and processes.
  • Contribute to establishing an Information Security Policy program for ISO27001 ISMS audits and assist in developing an ISMS reporting dashboard for the council.
  • Support the launch of firm-wide cybersecurity awareness training and report on completion metrics.
  • Help support the Smarsh Business Continuity Charter, Strategy, Program, and Test planning across products and Corp IT.
  • Help develop performance metrics and a Risk reporting dashboard.

Requirements

  • 1+ years of Information Security professional experience.
  • Bachelor's degree is desired.
  • Demonstrated experience of being an effective team player.
  • Demonstrated successful experience with risk assessment and vendor management tasks.
  • Experience producing reporting.
  • Have built a network of peers in their field and have various industry experiences.
  • Ability to share knowledge of the relevant regulatory environment and clearly articulate risk management concepts and the process of risk assessments.
  • Data analytical skills and know where to seek Information Security risk reporting guidance.
  • Ability to highlight situations when ethics were strengthened by experiences.
  • Proven effectiveness as a team player.
  • Curiosity about how to protect information.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service