Cybersecurity Analyst assisting in the review and implementation of cybersecurity initiatives across a large environment at Kemper. Responding to cyber threats and improving processes and technologies.
About the role
- Security Analyst managing security and compliance programs for fintech startup. Ensuring policies and evidence stay organized and collaborate with Head of Security for execution.
Responsibilities
- Triage and manage incoming security requests from entire company.
- Own and manage the full vendor security assessment lifecycle (new vendors and annual reviews).
- Own and build device management and provisioning process.
- Troubleshoot and enhance in-office IT, wifi and physical security.
- Partner with product/engineering teams to clarify which controls apply to new features, systems, or architectural changes.
- Read python code to understand vulnerabilities and help validate fixes and make small bug fixes or configuration updates when appropriate.
- Maintain organized, audit-ready repositories of policies, SOC reports, and control documentation.
- Assist with security questionnaires from enterprise customers.
- Coordinate evidence collection and organize materials for quarterly/annual audits.
- Update and refine security policies to reflect current controls and organizational practices.
- Track remediation of security findings from vulnerability scans, pentests, and audits.
Requirements
- 1-4 years of experience in GRC, security compliance, IT audit or security operations.
- Familiarity with SOC 2, PCI DSS, ISO 27001, or similar security frameworks.
- Ability to read and understand python code to validate security fixes.
- Strong organizational and documentation skills.
- Ability to own and prioritize multiple tasks open at once.
- Experience with vendor assessments, access reviews, evidence collection, or audit support.
- Comfort working with technical teams, asking clarifying questions, and escalating when need.
- Nice to have: Payments experience.
- Nice to have: Knowledge of penetration testing workflows.
- Nice to have: ability to read node.
Benefits
- 100% of Medical, Dental and Vision premium coverage for yourself and dependents.
- Enjoy regular team lunches at our San Francisco office, fostering collaboration and connection over great food.
- A fun and caring environment that prioritizes transparency, growth, and ownership.
- A talented, diverse, high-achieving, and humble team with diverse backgrounds and viewpoints.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Information Security Analyst managing Information Security Management System at BMLL Technology. Supporting compliance with ISO 27001 and enhancing security measures.
Graduate Cyber Security Analyst at McKesson participating in a 24 - month Cyber Academy program. Monitor security alerts and contribute to incident response efforts while gaining mentorship.
Threat Intelligence Analyst role analyzing cyber threats and providing strategic recommendations. Working with cybersecurity teams at PwC Canada to safeguard client data and systems.
Contract Security Analyst specializing in security operations and incident response for cloud security at Embark. Focus on alert handling, detection engineering, and data loss prevention.
Cyber Security Analyst providing security operations support for USAF Cloud One project. Engaging in incident response and cybersecurity compliance activities within a hybrid environment.
Cybersecurity Analyst responsible for monitoring, analyzing, and responding to security incidents in SOC. Developing detection rules and conducting threat - hunting campaigns within a hybrid work setup.
Information Security Analyst working with Optasia to enforce security controls and protect data. Collaborating on technical projects and auditing systems in a hybrid work environment.
Cyber Security Analyst investigating and responding to security events at A+E Global Media. Collaborating cross - functionally to improve detection and response processes.
Information Security Analyst handling security monitoring and incident response tasks for educational technology company. Collaborating with IT teams to enhance security measures and compliance.