Home > Find Jobs

Job Search

A tropical beach
Tenable, Inc. company logo

Tenable, Inc.

Columbia, Maryland, United States

Posted on: 01 July 2024

Experience

n/a

Work

n/a

Employee Type

n/a

Salary Range

n/a

FedRAMP Information Security Risk Analyst Hybrid Columbia MD

Your Role:

Join our InfoSec team at Tenable as a hands-on (Mid) Risk and Compliance Analyst. Drive compliance and assurance efforts for our products and cloud services while assisting with external risk assessments, security assessments, and audits. Make a real impact on our organization's security and customer trust and come join us at Tenable!

Your Opportunity:

  • Serve as a company representative with prospects, customers, and partners for security questionnaires, assessments, and audits

  • Collaborate with Sales, Engineering, Information Security, IT, and Product Development teams to communicate compliance obligations and requirements

  • Complete Third-Party Risk Assessments (TPRM Program) for new and potential vendors/educate stakeholders on their responsibilities

  • Coordinate and participate in internal and external audit walkthroughs (ISO27k, SOC2, FedRAMP, Customer Audits, IRAP)

  • Help guide and perform remediation of issues identified during third-party assurance or internal reviews

  • Support special projects as needed, which may include:Assisting in the development and execution of the internal compliance program, involving preparation for audits, certifications, and risk assessments.

  • Assisting in the development, administration, and continuous monitoring of internal security controls.

What You'll Need :

  • US Citizenship

  • 2+ years of experience in information security and vendor risk assessments based on industry standards.

  • 2+ years of experience in responding to security assessments, SAQs, compliance requirements, etc

  • 2+ years of experience with implementation, monitoring, and reporting of control processes, documentation, and remediation items

  • Experience working with the Federal Risk and Authorization Management Program (FedRAMP)

  • At least one relevant relevant security certifications (SSCP, Sec+, CISA, etc)

  • BS, BA in Information Technology, Computer Science, Information Security, or other related field

  • Be self-driven with the ability to work independently and comprehend all requirements

  • Strong communication skills and ability to collaborate effectively with all levels

  • Ability to adopt and utilize technology, with advanced proficiency in Excel, PowerPoint, and Vizio/Lucid.

And Ideally:

  • Knowledge of governance, risk and compliance frameworks (GRC)

  • Experience performing or undergoing internal and external audits

  • Analytical mindset with a rational, pragmatic, and realistic approach to security, risk, and compliance

  • Experience in a Big 4 or similar security consulting or risk assurance role

  • Experience as a FedRAMP assessor (3PAO) or advisor.

  • Experience with conducting audits, privacy, BC & DR Program Management

#LI-MM1

#LI-Remote



Please mention the word **BELOVED** and tag RMTg4LjE2Ni4xMDAuMTkx when applying to show you read the job post completely (#RMTg4LjE2Ni4xMDAuMTkx). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.

Tags

security
analyst
infosec
consulting
cloud
management
Apply to job