留学生海投网 | 直通硅谷

最新职位

Information Security Analyst POST NUMBER: 464906
发布于2026-01-20
Vaco H1B 员工人数:10K+ employees 行业分类:Staffing and Recruiting

Title: Information Security Analyst

Role Overview: The Information Security Analyst is a hands-on role within the Information Security function, partnering closely with IT and business stakeholders to ensure consistent, measurable delivery of security services. This position focuses on third-party risk management, security assessments, and the integration of security controls across enterprise and cloud-based systems.

The ideal candidate has a strong foundation in cybersecurity risk management, vendor security assessments, and core security concepts, and thrives in a fast-paced, highly collaborative environment with modern and emerging technologies.

Key Responsibilities

  • Support a Technology Vendor Management and Third-Party Risk Management program, including vendor risk reviews, renewals, and ongoing monitoring

  • Conduct vendor, product, and application security assessments, partnering with system owners to integrate security early in the project lifecycle

  • Participate in risk reviews and assessments aligned to security and IT control frameworks (NIST CSF, CIS, ISO 27001, ITIL)

  • Coordinate the implementation of core security integrations such as SSO, event logging, alerting, secrets management, and backup/recovery across internal and SaaS applications

  • Partner with business teams to review workflows and recommend security process improvements

  • Support the development and execution of data protection and risk mitigation initiatives

  • Produce clear, written security assessments documenting vendor and application security posture

  • Develop and deliver security metrics, dashboards, and reporting to measure control effectiveness

Required Qualifications

  • 2–3 years of experience in Information Technology

  • Minimum of 2 years of experience in cybersecurity risk management

  • Experience conducting vendor due diligence and third-party security assessments

  • Familiarity with security frameworks and standards such as NIST, ISO 27001, SOC, PCI-DSS, FedRAMP

  • Experience coordinating technical security integrations across systems and applications

  • Strong understanding of operating systems, servers, cloud applications, and infrastructure fundamentals

  • Ability to analyze complex system architectures and identify security integration opportunities

  • Bachelor’s or Master’s degree in a relevant field

Preferred Qualifications

  • Experience with Third-Party Risk Management or GRC platforms (e.g., OneTrust, SIG, or similar tools)

  • Familiarity with identity and access management concepts including SSO, SAML, Active Directory, Azure AD, and cloud IAM

  • Experience with security logging and event management tools (e.g., SIEM platforms)

  • Hands-on exposure to AWS and/or Azure cloud environments

  • Experience producing operational security metrics and dashboards

Tools & Skills

  • Strong cybersecurity fundamentals with a focus on risk, controls, and integrations

  • Experience using productivity and project tracking tools (Microsoft Office, JIRA or similar)

  • Strong written and verbal communication skills

Work Environment

Collaborative, service-oriented environment where teams support one another while maintaining ownership of individual responsibilities.


Hi,我们是直通硅谷!

直通硅谷出品,专为留学生而生。内含Internship/Co-op/New Grad/Entry Level职位,方向涵盖SDE、DATA、AI、HWE、QUANT、UI/UX、PM,大厂、中厂、小厂职位一应俱全。

留学生求职,锁定留学生海投网!

自2015年,直通硅谷独家上岸计划已帮助学员拿下8000+互联网科技大厂offer!