M+E Technology Job Board
Security, Risk & Compliance Analyst
Pandora
Responsibilities:
Provide limited reporting and analysis support for status of vulnerabilities across company.
Process inbound and outbound vendor security review requests
Collaborate closely with Procurement, Legal, and Security Operations to review products and companies for adherence to Pandora’s security policies and requirements
Perform periodic reviews of existing and legacy vendors for policy compliance
Participate in compliance evidence gathering & generate supporting documentation
Support Information Governance and Data Security efforts as needed
Coordinate with Operations teams to verify patch management processes & procedures
Assist in the selection, presentation and operation of public and internal training & events
Requirements:
Strong verbal and written communication skills
Strong office computing experience
Minimum 1 year experience as an analyst in Information Security, Risk, Fraud Prevention or equivalent training & certification
Experience parsing SOC1 & SOC2 reports
Familiarity with JIRA and Atlassian collaboration tools
Desired:
Automation/scripting experience
Functional skill in at least one programming language (JavaScript, Python, Go)
Experience operating on a UNIX/Linux command line
Familiarity with vulnerability scanning and security testing tools
Strong interest to learn and grow within Information Security & Operations
Active in the local technology and security community
Pandora
Responsibilities:
Provide limited reporting and analysis support for status of vulnerabilities across company.
Process inbound and outbound vendor security review requests
Collaborate closely with Procurement, Legal, and Security Operations to review products and companies for adherence to Pandora’s security policies and requirements
Perform periodic reviews of existing and legacy vendors for policy compliance
Participate in compliance evidence gathering & generate supporting documentation
Support Information Governance and Data Security efforts as needed
Coordinate with Operations teams to verify patch management processes & procedures
Assist in the selection, presentation and operation of public and internal training & events
Requirements:
Strong verbal and written communication skills
Strong office computing experience
Minimum 1 year experience as an analyst in Information Security, Risk, Fraud Prevention or equivalent training & certification
Experience parsing SOC1 & SOC2 reports
Familiarity with JIRA and Atlassian collaboration tools
Desired:
Automation/scripting experience
Functional skill in at least one programming language (JavaScript, Python, Go)
Experience operating on a UNIX/Linux command line
Familiarity with vulnerability scanning and security testing tools
Strong interest to learn and grow within Information Security & Operations
Active in the local technology and security community