Insight Global
Job Description
The Risk & Compliance Analyst is a critical member of the security team responsible for proactively identifying, assessing, and mitigating security risks across our organization. This individual will leverage vulnerability management tools (Nessus, Qualys, etc.) to generate comprehensive reports, analyze findings, and provide actionable insights to senior leadership. The role requires a strong understanding of security best practices, compliance regulations (e.g., GDPR, HIPAA, PCI), and the ability to translate complex technical findings into clear, concise, and impactful executive-level communications. This position is vital for ensuring the organization's security posture and minimizing potential financial and reputational damage.
Key Responsibilities & Function:
Vulnerability Remediation / Patching:
Generate and maintain dashboards and reports for senior leadership highlighting key risks and compliance status, utilizing Nessus, Qualys, and other vulnerability management tools.
Prioritize vulnerabilities based on risk level and business impact.
Document and track remediation efforts.
Provide regular status updates to senior leadership on vulnerability trends.
Develop and deliver regular risk reports to executive leadership, including:
Executive Summary of key risks and vulnerabilities.
Trend analysis of security incidents and vulnerabilities.
Recommendations for mitigating identified risks.
Create and maintain interactive dashboards using tools like Tableau or Power BI to visualize key risk indicators (KRIs) and compliance status.
Collaboration: Work closely with IT, Security Engineers, and Legal teams to ensure alignment on security priorities.
Maintain thorough documentation of risk assessments, remediation plans, and compliance procedures.
Explore opportunities to automate reporting and analysis tasks using scripting languages (e.g., Python) to improve efficiency.
Collaboration and Communication:
Collaborate with cross-functional teams including application development, network, operations, and security to ensure seamless integration and operations.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Skills and Requirements
Bachelor's degree in Computer Science, Engineering, or a related field
4+ years of experience in a security or compliance role, with a focus on vulnerability management and risk assessment.
Expert-level proficiency with Nessus, Qualys, or similar tools.
Basic scripting (e.g., Python) knowledge is highly desirable.
Strong analytical and problem-solving skills; ability to interpret data and draw meaningful conclusions.
Experience with reporting tools to build dashboards (Tableau, Power BI, MS Excel, etc.)
Deep understanding of security best practices (e.g., NIST, CIS).
Knowledge of relevant regulatory frameworks (GDPR, HIPAA, PCI).
Familiarity with risk management methodologies (e.g., ISO 27001).
Understanding of security controls and their effectiveness.
Excellent communication, problem-solving, and organizational skills
Ability to work independently or as part of a team
Willingness to learn new technologies and adapt to changing customer needs
Federal industry experience
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.