About the job Associate Security Research Analyst
About SecurityPal
At SecurityPal we are on a mission to help organizations power growth and innovation through unparalleled customer assurance. We help startups, scale-ups, and publicly traded enterprises grow faster and stay more secure and compliant by removing the friction associated with completing security reviews. This allows our customers to reallocate substantial time and resources to accelerate sales cycles and grow revenue. Our customers include Fortune 500 companies and Global 1000 companies across the United States, Australia, and Europe. We conduct critical business functions for these companies at one of the important phases of their operations.
Security Pal Inc. has about 115 people in Nepal (approximately 140 globally) looking to grow further.
About the role:
As a valuable team member, you will be contributing in the areas of providing Customer Assurance services to our clients. This role involves collaborating with experts in the field to streamline security audits and documentation processes, ultimately saving our clients valuable time and resources.
You will be an amazing fit if you,
enjoy learning and contribution
enjoy challenges and doing something different
want to work in a global startup with a global team
are patient and value hard work
Job Description
Security Questionnaire and Documentation:
- Review, audit, and complete detailed security assessment questions to ensure thorough evaluations.
- Collaborate closely with subject matter experts to gather technical information for the creation, updating, and revision of documentation, as well as responding to security questionnaires, Request For Proposal (RFP), and staying updated on current writing methods, trends, and technologies in the field of security and compliance.
2. Third-Party Vendor Assessment:
- Conduct comprehensive security assessments of third-party vendors, evaluating their cybersecurity controls, practices, and compliance with industry standards.
- Analyze vendor-provided documentation, security questionnaires, and other relevant materials to identify potential risks and vulnerabilities
3. Knowledge Library Management:
- Contribute to building and maintaining knowledge libraries focused on compliance and regulations within the technology industry, with a specific emphasis on client requirements and best practices.
4. Client Deliverables:
- Provide high-quality deliverables to clients within agreed internal and external service level agreements (SLAs).
5. Communication and Collaboration:
- Actively raise issues, provide constructive feedback, and communicate effectively with Security Research Analysts and the Customer Operations Lead.
6. Continuous Learning:
- Contribute positively to our company culture, fostering collaboration, innovation, and a shared commitment to excellence.
- Research, recommend, and oversee industry best practices, compliance, and trends in cybersecurity.
Skills and Requirement
- Be able to apply cyber security compliance experience and knowledge with creative and innovative thinking in a broad range of complex and non-routine contexts.
- Have an understanding and familiarization of SANS, NIST, and CISA.gov information security requirements. Strong understanding of security risk management frameworks and acts such as ISO 27001/27002, GDPR, HIPAA, CCPA, Data Privacy, business continuity, and major compliance key objectives.
Strong communication and comprehension.
Attention to detail.
Ability to collaborate and work in teams.
- Bachelors (BA/BS) degree in Computer Science, Information Security, Information Technology, or equivalent is desirable.
- A prior experience in technology or a service delivery role is preferred.
Note: The position is currently on hold. Once the position becomes available, we will reach out to you. In the meantime, feel free to apply for the position.