[Hiring] Information Security Analyst @StackAdapt

Role Description

As an Information Security Risk Analyst, you will play a vital role in keeping StackAdapt’s systems and information secure by helping to identify, assess, and manage information security risks across StackAdapt.

• Support the identification, assessment, and management of information security risks, including maintaining risk registers, monitoring remediation actions, and following up on agreed risk treatments
• Assist with vendor security risk assessments during onboarding and ongoing reviews
• Contribute to customer security assurance activities, such as completing security questionnaires
• Help coordinate StackAdapt’s centralized IT General Controls framework designed to manage security, compliance, and governance for enterprise IT systems
• Participate in the governance of recurring user access reviews (UARs) and segregation of duties (SoD) assessments for enterprise applications
• Support the governance of role-based access controls (RBAC) for enterprise IT applications
• Assist with compliance activities against security frameworks and standards (e.g. SOC 2, PCI, etc.)
• Work with internal teams to gather information and evidence for risk and compliance activities
• Learn about emerging security risks, regulatory requirements, and industry best practices

Qualifications

• Interest in information security governance, risk, and compliance (GRC)
• Understanding of information security and risk management concepts
• Awareness of security frameworks or standards (e.g., ISO 27001, NIST, SOC 2) and/or IT compliance frameworks (e.g., Sarbanes–Oxley (SOX))
• Strong attention to detail and ability to work with documentation and evidence
• Ability to work collaboratively with technical and non-technical stakeholders
• Willingness to learn and develop within an information security or GRC career path

Requirements

• 1 to 3 years of experience in a related field
• Bachelor’s degree (or higher) in cyber security, information technology, risk management, law, business, or a related discipline (or equivalent practical experience)
• Experience supporting risk assessments, audits, or control testing activities
• Ability to work cross-functionally with various teams such as Internal Audit, IT Operations, Engineering, Legal and Finance
• Experience in designing, implementing, and/or managing application user access reviews, segregation of duties reviews, and/or conducting security risk assessments
• Strong communication skills, both written and verbal
• Strong organisational and time management skills, as well as an ability to meet deadlines

Benefits

• Highly competitive salary
• Retirement/401K/Pension Savings globally
• Competitive Paid time off packages including birthdays off!
• Access to a comprehensive mental health care program
• Health benefits from day one of employment
• Work from home reimbursements
• Optional global WeWork membership for those who want a change from their home office and hubs in London and Toronto
• Robust training and onboarding program
• Coverage and support of personal development initiatives (conferences, courses, books etc)
• Access to StackAdapt programmatic courses and certifications to support continuous learning
• An awesome parental leave program
• A friendly, welcoming, and supportive culture
• Our social and team events!