Information Security Risk Analyst
Job description
TL;DR
Information Security Risk Analyst: Identify, assess, and reduce cybersecurity risks across cloud and on-prem environments, with an emphasis on secure cloud development, DevSecOps practices, and third-party risk management. Focus on performing security control assessments using NIST frameworks, evaluating technical implementations, and communicating risks to stakeholders.
Location: San Francisco, 94134
Salary: $137,300–$153,900
Company
Staffing firm providing opportunities in STEM fields, committed to equal opportunity and accommodations for disabilities.
What you will do
- Identify security risks in processes and technologies, leading initiatives to reduce exposure.
- Partner with business and technical teams to implement security controls, policies, and procedures.
- Advise application development teams on secure cloud development and DevSecOps best practices.
- Assess technical implementations in cloud and on-prem environments, recommending control enhancements.
- Evaluate third-party providers, conduct formal security assessments, and prepare detailed reports.
- Communicate risks and business implications to stakeholders, including executives.
Requirements
- Experience performing security control assessments aligned to NIST 800-37 (SCA and CMCA).
- Hands-on experience with NIST 800-53 controls.
- Experience reviewing FedRAMP authorization packages.
- Experience mapping OWASP Top Ten risks in DevSecOps environments.
- Strong understanding of cloud security principles and secure development practices.
- Ability to analyze complex technical issues and translate them into actionable risk narratives.
Nice to have
- Experience in DevSecOps, including governance and security automation.
- Exposure to AI/GenAI cybersecurity governance and risk.
- Experience in regulated or compliance-driven environments.
Culture & Benefits
- Collaborative environment with cross-functional partnerships.
- For temporary assignments 13+ weeks: major medical, dental, vision, 401k, statutory sick pay.
- Reasonable accommodations for disabilities.
- Equal opportunity employer, participates in E-Verify.