SOC 1 and SOC 2 audits – Who Needs Engineers https://whoneedsengineers.com/wne_live Software Engineering Recruitment Mon, 30 Sep 2024 00:30:03 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 https://whoneedsengineers.com/wne_live/wp-content/uploads/2023/06/cropped-wne_logo-3-32x32.png SOC 1 and SOC 2 audits – Who Needs Engineers https://whoneedsengineers.com/wne_live 32 32 Information Security Risk Analyst https://whoneedsengineers.com/jobs/cybersecurity/information-security-risk-analyst/ Mon, 30 Sep 2024 00:30:03 +0000 https://whoneedsengineers.com/wne_live/jobs/jobs-categories/information-security-risk-analyst/ Information Security Risk Analyst

Job Description:

    Join a dynamic team dedicated to enhancing the security posture of our organization as an Information Security Risk Analyst. In this role, you will play a crucial part in identifying, assessing, and mitigating information security risks across our enterprise. You will collaborate with various departments to ensure comprehensive risk management practices are in place while maintaining compliance with industry standards and regulations. Your analytical expertise will guide the development of security documentation and policies, enabling us to enhance our information security framework. If you are passionate about cybersecurity and eager to contribute to the protection of sensitive data within the entertainment industry, we encourage you to apply.

IT Languages:

  • Python
  • Java
  • SQL

As an Information Security Risk Analyst, you will undertake a variety of responsibilities to ensure the security and integrity of our information systems.:

    Conduct thorough risk assessments and audits by gathering and analyzing relevant documentation and data.;; Develop and maintain critical security documentation, including policies, standards, and operational procedures.;; Establish and implement procedures to identify and mitigate risks in organizational services and departments.;; Gather information and conduct interviews to complete third-party security assessments.;; Lead assessments of third-party vendors using established risk-scoring tools.;; Monitor internal risk scores and manage vulnerability remediation efforts.;; Advise internal teams and third-party partners on addressing and resolving technical security issues.;; Review and enhance risk management policies and protocols, recommending necessary modifications.;; Continually monitor and report on the effectiveness of internal controls.;; Stay informed about applicable regulations, guidelines, and industry best practices to ensure compliance.;; Draft risk reports and proposals for presentation to executive leadership.

Spoken Languages:

  • English;; Spanish;; French

Skillset:

  • Vulnerability scanners
  • Risk-scoring tools
  • SOC 1 and SOC 2 audits
  • Risk management best practices
  • Technical documentation writing
  • GRC tools expertise

Soft Skills:

  • Excellent verbal communication skills
  • Strong written communication skills
  • Ability to simplify complex technical concepts
  • Effective relationship-building skills
  • Strong organizational and time management abilities
  • Proactive problem-solving attitude

Qualifications:

  • Bachelor’s degree in Information Security, Computer Science, or a related field
  • Experience with risk and compliance tools
  • Familiarity with audits including SOC 1 and SOC 2
  • Proficiency in vulnerability remediation

Years of Experience:

    5

Location:

    United States

Job Benefits:

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Paid time off
  • Health and wellness programs
  • Employee discounts

Working Conditions:

    Full Time

Employment Type:

    Permanent Contract

Company Culture:

  • We foster a collaborative and inclusive work environment where creativity thrives and innovation is encouraged. Our team is composed of dedicated professionals who are passionate about security and committed to protecting our organization. We value diversity and are dedicated to personal and professional growth, providing continuous learning opportunities to enhance skills and knowledge.

Opportunities For Advancement:

  • Professional development programs, Access to industry certifications, Career advancement within the cybersecurity field

Visa Sponsorship:

    Available
]]>