Security Risk and Compliance Analyst II-Cyber

About the position

The Security Risk and Compliance Analyst II-Cyber position at Western Alliance Bank is designed for a detail-oriented information security professional with a focus on assessing third-party security risks. This role is critical within the information security organization, primarily responsible for reviewing and evaluating vendor-submitted questionnaires and supporting documentation to identify potential security risks that may not be controlled. The successful candidate will play a key role in ensuring compliance with various information security legal and regulatory requirements, making this position vital for the bank's overall security posture. In this role, the analyst will conduct comprehensive reviews of vendor materials, which may include SOC reports, certifications, policies, and procedures, to assess compliance with the bank's information security requirements. The analyst will be tasked with identifying and documenting any information security gaps found in vendor documentation and will need to request additional documentation through the vendor management process. Collaboration with cross-functional teams is essential to ensure alignment with regulatory standards and best practices, and the analyst will also be responsible for reporting on vendor security reviews, including volume and status updates. The ideal candidate for this position will possess a strong understanding of information security frameworks and common IT principles, along with experience in evaluating vendor security risks. Analytical skills and attention to detail are crucial, as the role requires interpreting complex information security documentation and applying it to practical scenarios. The candidate should also have proven technical writing and communication skills, enabling them to work independently while also collaborating effectively with others.