Information Security Analyst (Third party vendor risk management)

Smarsh is the leader in communications compliance, archiving, and analytics. We provide compliance across the broadest set of communications channels with insights on what's being captured. Smarsh customers manage over 500 million daily conversations across 80 channels and growing. Customers include the top 10 U.S., top 8 European, top 5 Canadian, and top 3 Asian banks. The Smarsh advantage is customers stay ahead of compliance and uncover patterns and relationships hidden within their data.

At Smarsh, we've been helping our customers manage new forms of communication since 1998. We work closely with regulators including the SEC, FINRA, IIROC, PRA, FCA and with our customers, to ensure they understand the capabilities of today's technology and our platform meets their most stringent requirements. Our products include Connected Capture, Connected Archive, Web Archive & and Business Solutions.

The Cyber and VRM Managed Services team at Smarsh helps customers manage cyber compliance and third-party risk by utilizing our Smarsh's compliance products. We provide white glove service to our customers to reduce risk, streamline operational costs and helping navigate the evolving threat and regulatory landscape.

Primary Responsibilities

• day-to-day operations for Smarsh clients, including managing and reviewing vendor security assessments, providing suggestions to establish or enhance their VRM program when needed, delivering our due diligence solution, and hosting regularly scheduled calls.
• vulnerability testing tools, tactics, and procedures to perform analysis and identify vulnerabilities - Implement static and dynamic security testing as part of an automated application security testing process.
• strong customer service skills to ensure a smooth experience for both our customers and our internal business unit partners.
• with customers via email and phone in a professional manner to guide them through our platform and best practices.
• vulnerability assessment and penetration testing for Smarsh's customers using off the shelf tools.
• other operational duties as assigned as part of the Smarsh VRM team.

Requirements

• 3 to 5 years of related work experience specifically in Vendor Risk Management and/or Information Security.
• CTPRP, CISA, CISM, CRISC or similar certifications are a must.
• Works well under pressure with tight deadlines to deliver superior service to our current/potential clients and
• internal business unit stakeholders.
• Experience reviewing security assessments for completeness and overall risk
• Understands best practice cybersecurity controls, processes, procedures, and policies.
• Proactive, self-motivated, and highly professional, with outstanding customer relationship skills and ability to work unsupervised for extended periods of time.
• Experience with security assessment tools, including Nessus, Metasploit, or Cobalt Strike is desirable.
• Demonstrates project management and documentation skills while managing multiple parallel work streams.
• Detail-oriented with strong interpersonal, written and verbal communication skills
• Ability to overcome challenging learning curves and proficient with both Microsoft Office Suite and Google G- Suite.
• Experience with server administration, TCP/IP networking, vulnerability identification and exploitation

Why Smarsh

Ready to join a thriving tech company that's redefining digital archiving and business intelligence

Smarsh is the leading comprehensive archiving platform. Recognized as one of today's fastest growing companies in the U.S., Smarsh delivers innovative cloud-based solutions that help organizations manage and enforce flexible and secure records retention and compliance strategies for electronic communications, including social media and enterprise social networks (Yammer, Chatter, Facebook, LinkedIn and more).

Our motto is People First. Inspire Confidence. Embrace the Impossible. We hire lifelong learners who have a passion for their discipline and a track record of excellence. To learn more about us, visit www.smarsh.com/careers