![Catalina Marketing](https://media.trabajo.org/img/noimg.jpg)
Security Risk Analyst
hace 2 semanas
**Why Catalina?** Catalina delivers omni-channel solutions to our customers with a long-standing history of rich data assets, but our _greatest _asset is our people. Our guiding principles set the stage for winning in the markets we serve, and our potential is powerful. When you join the Catalina team, you will be part of an inclusive environment that embraces flexibility, community involvement, work-life balance as well as opportunities to grow professionally.
**Our Team**
The Security Risk Analyst plays a pivotal role in safeguarding our organization against the potential risks posed by third-party vendors and service providers. This individual ensures that all external partnerships adhere to strict regulatory standards and internal policies, prioritizing data privacy and security controls by conducting thorough evaluations and risk assessments. Collaborating closely with internal stakeholders, the analyst facilitates a comprehensive approach to third-party risk management, enhancing the integration of services with a keen focus on security and compliance. Additionally, leading and innovating the Security Awareness Program, the analyst champions a culture of security mindfulness across the organization, educating employees on best practices and mitigating the risks of social engineering attacks.
**Responsibilities**
- Evaluate third-party vendors and service providers to identify and mitigate potential organizational risks, ensuring compliance with regulatory requirements and internal policies.
- Work collaboratively with internal stakeholders, including the privacy team, procurement, and business owners, to manage third-party risks effectively, ensuring the secure integration of services and data management.
- Facilitate the completion and evaluation of third-party risk management forms by vendors, ensuring comprehensive risk analysis before proceeding with partnerships.
- Participate and improve the Security Awareness Program, including Phishing campaigns, to educate users on security best practices, contributing to a culture of heightened security awareness and reduced risk of social engineering attacks.
- Proactively conduct risk assessments to identify potential vulnerabilities and compliance gaps with third-party vendors, focusing on data privacy, security controls, and contractual obligations to safeguard organizational assets.
- Recommend and implement risk mitigation plans for identified vulnerabilities, ensuring that all third-party services align with the company's security standards and compliance requirements.
- Monitor and enforce third-party compliance with relevant regulatory standards and internal policies, reducing legal and operational risks.
- Keep accurate and up-to-date records of risk assessments, mitigation actions, and compliance activities to support audit processes and decision-making.
- Assist in SOC2 and other relevant audits by liaising with auditors and conducting thorough IT controls testing to ensure the design and operational effectiveness of security measures.
- Develop and lead the Security Awareness Program, conducting Phishing campaigns and other initiatives to educate and test the workforce, aiming to reduce susceptibility to cyber threats.
- Compile and analyze results from security initiatives, like Phishing campaigns, to identify trends, report on program effectiveness, and adjust strategies accordingly.
- Interact with vendors to conduct assessments and ensure the completion of necessary evaluations, emphasizing the importance of security from the onset of vendor relationships.
- Provide guidance to internal stakeholders regarding the importance of third-party risk management, educating them on the processes and requirements for adding new vendors or services.
- Continually seek opportunities to improve third-party risk management practices, security awareness programs, and compliance processes to adapt to changing threats and regulatory landscapes.
- Other assigned tasks to support the security program.
**Qualifications**
- Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Information Systems, or a related field; or equivalent experience.
- Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or equivalent certifications focused on risk management, audit, and compliance preferred.
- 3 to 5 years of experience in conducting risk assessments, managing third-party risks, and ensuring compliance with relevant standards and regulations.
- In-depth understanding of auditing standards, compliance requirements (e.g., SOC2, ISO 27001, NIST CSF, GDPR), and risk management frameworks.
- Expertise in evaluating and implementing risk mitigation strategies to address vulnerabilities associated with third-party vendors and service providers.
- Strong analytical, communication, and project management skills, essential for managing risk assessments, mitigation actions, and
-
Security Risk Analyst
hace 4 semanas
San José, Costa Rica Splunk OLD (Read Only) A tiempo completoSplunk is the leader in big data and machine learning analytics, with a significant presence in the cybersecurity market. Join us as we pursue our disruptive vision to make machine data accessible, usable, and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our...
-
Security Risk Analyst
hace 3 semanas
San José, San José, Costa Rica Catalina Marketing A tiempo completoWhy Catalina? Catalina delivers omni-channel solutions to our customers with a long-standing history of rich data assets, but our _greatest _asset is our people. Our guiding principles set the stage for winning in the markets we serve, and our potential is powerful. When you join the Catalina team, you will be part of an inclusive environment that embraces...
-
Security Risk Analyst
hace 3 semanas
San José, San José, Costa Rica Splunk OLD (Read Only) A tiempo completoSplunk is the leader in big data and machine learning analytics, with a significant presence in the cybersecurity market. Join us as we pursue our disruptive vision to make machine data accessible, usable, and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our...
-
Security Operations Analyst
hace 3 semanas
San José, San José, Costa Rica GSB A tiempo completoWe are seeking a motivated professional to join its information security operations team as a Security Analyst focused on managing risks and vulnerabilities for a suite of modern applications, API's and services. The Security Analyst will play a critical role in safeguarding the integrity and resilience of EVH's suite of products and services.Key...
-
Cyber Security Operations Analyst
hace 2 semanas
San José, Costa Rica Equifax A tiempo completoAs a Security Analyst, you will have the opportunity to collaborate to monitor, detect and respond to security threats along the global organization. While interacting with other teams across Cyber Security you will conduct security investigations and be able to learn and get experience with each incident. The level 1 Security Operations Center (SOC)...
-
Cyber Security Operations Analyst
hace 3 semanas
San José, San José, Costa Rica Equifax A tiempo completoEquifax is where you can power your possible. If you want to achieve your true potential, chart new paths, develop new skills, collaborate with bright minds, and make a meaningful impact, we want to hear from you.As a Security Analyst, you will have the opportunity to collaborate to monitor, detect and respond to security threats along the global...
-
Security Operations Analyst
hace 3 semanas
San José, San José, Costa Rica GSB A tiempo completoWe are seeking a motivated professional to join its information security operations team as a Security Analyst focused on managing risks and vulnerabilities of a modern technology cloud first environment. The Security Analyst will play a critical role in safeguarding the integrity and resilience of Experian's modern cloud-based infrastructure. Key...
-
Cyber Security Operations Analyst
hace 4 semanas
San José, Costa Rica Equifax A tiempo completoEquifax is where you can power your possible. If you want to achieve your true potential, chart new paths, develop new skills, collaborate with bright minds, and make a meaningful impact, we want to hear from you. As a Security Analyst, you will have the opportunity to collaborate to monitor, detect, and respond to security threats along the global...
-
Governance Risk
hace 1 semana
San José, Costa Rica Mondelēz International A tiempo completo**Are You Ready to Make It Happen at Mondelēz International?** **Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.** You work with the information security team as a competent and experienced information security and compliance specialist. **How you will contribute** **What you will bring** A desire to drive your future and...
-
Security Operations Analyst
hace 2 semanas
San José, Costa Rica GSB A tiempo completoWe are seeking a motivated professional to join its information security operations team as a **Security Analyst **focused on managing risks and vulnerabilities of a modern technology cloud first environment. The Security Analyst will play a critical role in safeguarding the integrity and resilience of Experian’s modern cloud-based infrastructure. **Key...
-
Security Incident Response Analyst Tier 1
hace 3 semanas
San José, San José, Costa Rica DXC Technology A tiempo completoJob specifics/responsibilities: Receive input from various event sources, investigate it for unusual and potentially malicious behavior that may indicate security incidents, and escalate any suspicious activity or anomalies to the Tier 2 SIRCC Analyst team; During security incidents, liaise with the Tier 2 SIRCC Analyst and Tier 3 Incident Coordinator teams...
-
Security Operations Analyst
hace 1 mes
San José, Costa Rica GSB A tiempo completoWe are seeking a motivated professional to join its information security operations team as a Security Analyst focused on managing risks and vulnerabilities of a modern technology cloud first environment. The Security Analyst will play a critical role in safeguarding the integrity and resilience of Experian’s modern cloud-based infrastructure. ? Key...
-
Security Operations Analyst
hace 1 mes
San José, Costa Rica GSB A tiempo completoWe are seeking a motivated professional to join its information security operations team as a Security Analyst focused on managing risks and vulnerabilities for a suite of modern applications, API’s and services. The Security Analyst will play a critical role in safeguarding the integrity and resilience of EVH’s suite of products and services. ? Key...
-
Cyber Security Vulnerability Assessment Analyst
hace 2 semanas
San José, Costa Rica Equifax A tiempo completoAs a **Cyber Security Vulnerability Analyst **, you are responsible for the security of Equifax’s corporate infrastructure as well as the infrastructure hosting Equifax’s SaaS offerings. **What you’ll do** - Responsible for supporting a global program to identify, analyze, and communicate vulnerabilities including mitigation or remediation...
-
Security Compliance Analyst
hace 3 semanas
San José, Costa Rica Equifax A tiempo completoReporting to the Security Compliance Manager, the Security Compliance Analyst is a key member of the Security, Governance and Compliance team. This position is focused on PCI and SOC1/SOC2 compliance, working across multiple business units and markets globally to ensure and deliver upon our annual compliance assessments and improve our security compliance...
-
Security Operations Analyst
hace 3 semanas
San Francisco, Heredia, Costa Rica TTEC A tiempo completoSecurity Operations Analyst - Remote, Costa RicaOur Enterprise Services organization is the machine behind our market-facing product and solution areas, enabling each of our segments to deliver for our clients. Whether Information Technology, Finance, Accounting, Tax or Treasury, Supply Chain or Legal, Marketing, or one of our Human Capital team members, we...
-
Governance Risk
hace 3 semanas
San José, San José, Costa Rica Mondelēz International A tiempo completoAre You Ready to Make It Happen at Mondelēz International?Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.You work with the information security team as a competent and experienced information security and compliance specialist.How you will contributeWhat you will bringA desire to drive your future and accelerate your career.You will...
-
Security Consultant-risk
hace 3 semanas
San Francisco, Heredia, Costa Rica IBM A tiempo completoIntroductionIn this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of...
-
Cyber Security Vulnerability Assessment Analyst
hace 3 semanas
San José, San José, Costa Rica Equifax A tiempo completoAs a Cyber Security Vulnerability Analyst , you are responsible for the security of Equifax's corporate infrastructure as well as the infrastructure hosting Equifax's SaaS offerings.What you'll do Responsible for supporting a global program to identify, analyze, and communicate vulnerabilities including mitigation or remediation strategies. Develop strong...
-
Information Security Analyst
hace 3 semanas
San José, San José, Costa Rica Arkose Labs - Costa Rica A tiempo completoThe mission of Arkose Labs is to create an online environment where all consumers are protected from online spam and abuse. Recognized by G2 as the 2023 Leader in Bot Detection and Mitigation, with the highest score in customer satisfaction and largest market presence four quarters running, Arkose Labs offers the world's first $1M warranties for credential...