Information Security Risk Analyst II
AcornsFull Time
Junior (1 to 2 years)
Candidates should have 1-3 years of experience in an information security role and possess excellent verbal and written communication, interpersonal, and teamwork skills. Prior demonstration of high initiative and problem-solving skills in a fast-paced environment is expected, along with the ability to manage change, work independently, and a willingness to learn. Interest or prior experience in compliance or data privacy, as well as security certifications or formal education, are preferred but not required.
The Security Analyst will coordinate responses to data subject access and privacy requests, as well as vendor security questionnaires, and assist other team members in responding to customer security questions. They will assess vendor security risks by requesting and reviewing artifacts, respond to security escalations, and partner to improve existing and launch new security and compliance processes, programs, and policies. The role involves responding to internal security-related questions, supporting audit readiness and continuous monitoring of security configurations and control effectiveness, and creating/updating security documentation. Additionally, the analyst will manage and update the Vanta platform, proactively complete assigned security tasks, provide security and privacy expertise to various teams, and partner cross-functionally to support GRC initiatives.
Automates SOC 2 compliance for businesses
Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.