We are seeking a detail-oriented **Information Security Analyst** to join our growing team.
In this role, you will play a vital part in supporting third-party risk assessments and contributing to enterprise risk management initiatives, ensuring regulatory compliance and the security of data across our vendor network.
**Responsibilities**
- Support third-party risk assessments with a focus on Information Security and GRC, helping to evaluate inherent and residual risks to enable risk-informed decision-making
- Assist in conducting due diligence on prospective and existing vendors, with an emphasis on basic cybersecurity controls, regulatory compliance (e.g., GDPR, SOC 2, ISO 27001), and data protection practices
- Help ensure the integrity, consistency, and audit-readiness of third-party data within the GRC platform to support reporting and regulatory requirements
- Collaborate with stakeholders in Information Security, Privacy, Legal, Procurement, and Business Units t...