Risk and Compliance Analyst - Mid/Sr.
Tenable seeks to hire a hands-on Risk and Compliance Analyst to join its InfoSec-Risk and Compliance team. This role will help drive the compliance and assurance efforts for our products and cloud services. Additionally, they will assist with responding to external vendor risk assessments, security assessments, and audit requests.
- Serves as a team of company representative with prospects, customers, and partners by assisting with completing security questionnaires, assessments, and audits
- Work with Sales, Engineering, Information Security, IT, and Product Development teams to convey compliance obligations and requirements
- Complete Third-Party Risk Assessments (TPRM Program) for new and potential vendors
- Educate stakeholders on their responsibilities
- Coordinate and participate in internal and external audit walkthroughs
- Help guide and perform remediation of issues identified during third-party assurance or internal reviews
- Support special projects as required such as:
- Assisting in the development and execution of the internal compliance program including preparation for audits, certifications, and risk assessments
- Assisting in developing, administering, and ongoing compliance monitoring of internal security controls
What You'll Need:
- 2+ years of experience performing information security and vendor risk assessments based upon industry accepted standards
- 2+ years of experience in responding to security assessments, SAQs, compliance requirements, etc
- 2+ years of experience with implementation, monitoring, and reporting of control processes, documentation, and remediation items
- Ability to operate independently and understand all the requirements
- Ability to work well with others, and communicate effectively with all levels
- Must be analytical and embrace technology
- Rational, pragmatic, and realistic approach to security, risk and compliance
- Excellent verbal and written communication skills
- Advanced user of Excel, Powerpoint, Vizio
- Be self-directed and motivated
- Manage conflicting priorities
- Knowledge of governance, risk and compliance frameworks (GRC)
- Experience performing or undergoing internal and external audits
- Relevant security certifications (SSCP, Sec+, CISA, etc)
- Experience in a Big 4 or similar security consulting or risk assurance role
- Experience conducting audits
- Experience with privacy
- Experience with BC & DR Program Management
- BS, BA in Information Technology, Computer Science, Information Security, or other related
If you’ve reached this point in the job description and feel you’re still not sure if you should apply…Just do it! We know there are no perfect applicants. You may not have 100% of all those bullets listed above - and that’s okay. If you’re feeling like you’re not going to fit in with our teams - that’s not ok. We're One Tenable which means however you identify and whatever background you bring with you, we encourage you to submit an application if it’s a role you can be passionate about doing every day.
We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.