What are the responsibilities and job description for the Information Security Analyst position at Latitude Information Security?
Job Description
Job Description
Information Security Analyst – Third Party Risk Assessments
Is this role right for you?
Latitude seeks an entry-level individual who is detail oriented, analytical, and has a high degree of personal accountability for this entry-level position. The successful candidate for this role will learn a highly defined and documented process and, once proficient, will serve as a “go-to” person for third party risk assessments. Consistency and critical thinking in the repeated execution of the assessment process are critical to success in this role.
About us
Latitude Information Security (“Latitude”) is a consulting firm headquartered in the Greater Philadelphia area. We are a team of motivated professionals, committed to protecting our clients’ most valuable and sensitive information. Our talented and passionate team members provide high-quality Information Security services to our nation-wide client base; we are proud to employ a diverse range of talent in an environment that fosters continuous improvement and success.
Your day to day will include :
- Performing comprehensive security risk assessments for client vendors / third parties
- Responding in a timely manner to newly assigned third party / vendor risk assessments
- Coordinating, scheduling, and conducting all interviews necessary for the successful and timely completion of a third-party risk assessment, including interviews with client business staff, client IT staff, vendor / third party staff, and other stakeholders as needed
- Performing follow-up on open assessment items to ensure completion of appropriate third-party questionnaire
- Critical analysis of interview results and questionnaire results to assess areas / elements of vulnerability / risk to the client
- Subjective evaluation of identified risks using a pre-defined, matrix-based approach to determine the severity of identified risks as they relate to the client
- Development of recommended remediation measures for observed vulnerabilities / risks
- Creation of concise but thorough reports following a standard report format summarizing the assessment and its findings
- As needed, scheduling and leading meetings to present and review results and ensure remediation item owners are clear on their responsibilities and actions
- At all times, ensuring that tracking tools are updated with latest details and statuses of all assigned assessments
- Additional duties and projects as identified by management
We’d love to hear from you if you have :
A writing sample will be requested of all candidates.
The successful candidate will work from the Exton, PA office; once fully trained and able to execute the responsibilities of the role autonomously, a balance of time in the office and remote work may be arranged.
Company Description
Latitude Information Security is a cybersecurity consulting firm providing risk assessments, security program development, audit preparation, penetration testing, vCISO and other key services to a nationwide client base. Latitude simplifies the process for meeting and maintaining cybersecurity compliance standards with a detail-oriented approach and a tailored path for each client.
Company Description
Latitude Information Security is a cybersecurity consulting firm providing risk assessments, security program development, audit preparation, penetration testing, vCISO and other key services to a nationwide client base. Latitude simplifies the process for meeting and maintaining cybersecurity compliance standards with a detail-oriented approach and a tailored path for each client.