Vaco Recruiter Services
Information Security Analyst
Vaco Recruiter Services, Los Angeles, California, United States, 90079
Title: Information Security Analyst
Role Overview: The Information Security Analyst is a hands‑on role within the Information Security function, partnering closely with IT and business stakeholders to ensure consistent, measurable delivery of security services. This position focuses on third‑party risk management, security assessments, and the integration of security controls across enterprise and cloud‑based systems.
The ideal candidate has a strong foundation in cybersecurity risk management, vendor security assessments, and core security concepts, and thrives in a fast‑paced, highly collaborative environment with modern and emerging technologies.
Key Responsibilities
Support a Technology Vendor Management and Third‑Party Risk Management program, including vendor risk reviews, renewals, and ongoing monitoring
Conduct vendor, product, and application security assessments, partnering with system owners to integrate security early in the project lifecycle
Participate in risk reviews and assessments aligned to security and IT control frameworks (NIST CSF, CIS, ISO 27001, ITIL)
Coordinate the implementation of core security integrations such as SSO, event logging, alerting, secrets management, and backup/recovery across internal and SaaS applications
Partner with business teams to review workflows and recommend security process improvements
Support the development and execution of data protection and risk mitigation initiatives
Produce clear, written security assessments documenting vendor and application security posture
Develop and deliver security metrics, dashboards, and reporting to measure control effectiveness
Required Qualifications
2–3+ years of experience in Information Technology
Minimum of 2 years of experience in cybersecurity risk management
Experience conducting vendor due diligence and third‑party security assessments
Familiarity with security frameworks and standards such as NIST, ISO 27001, SOC, PCI‑DSS, FedRAMP
Experience coordinating technical security integrations across systems and applications
Strong understanding of operating systems, servers, cloud applications, and infrastructure fundamentals
Ability to analyze complex system architectures and identify security integration opportunities
Bachelor’s or Master’s degree in a relevant field
Preferred Qualifications
Experience with Third-Party Risk Management or GRC platforms (e.g., OneTrust, SIG, or similar tools)
Familiarity with identity and access management concepts including SSO, SAML, Active Directory, Azure AD, and cloud IAM
Experience with security logging and event management tools (e.g., SIEM platforms)
Hands‑on exposure to AWS and/or Azure cloud environments
Experience producing operational security metrics and dashboards
Tools & Skills
Strong cybersecurity fundamentals with a focus on risk, controls, and integrations
Experience using productivity and project tracking tools (Microsoft Office, JIRA or similar)
Strong written and verbal communication skills
Work Environment Collaborative, service‑oriented environment where teams support one another while maintaining ownership of individual responsibilities.
#J-18808-Ljbffr
Role Overview: The Information Security Analyst is a hands‑on role within the Information Security function, partnering closely with IT and business stakeholders to ensure consistent, measurable delivery of security services. This position focuses on third‑party risk management, security assessments, and the integration of security controls across enterprise and cloud‑based systems.
The ideal candidate has a strong foundation in cybersecurity risk management, vendor security assessments, and core security concepts, and thrives in a fast‑paced, highly collaborative environment with modern and emerging technologies.
Key Responsibilities
Support a Technology Vendor Management and Third‑Party Risk Management program, including vendor risk reviews, renewals, and ongoing monitoring
Conduct vendor, product, and application security assessments, partnering with system owners to integrate security early in the project lifecycle
Participate in risk reviews and assessments aligned to security and IT control frameworks (NIST CSF, CIS, ISO 27001, ITIL)
Coordinate the implementation of core security integrations such as SSO, event logging, alerting, secrets management, and backup/recovery across internal and SaaS applications
Partner with business teams to review workflows and recommend security process improvements
Support the development and execution of data protection and risk mitigation initiatives
Produce clear, written security assessments documenting vendor and application security posture
Develop and deliver security metrics, dashboards, and reporting to measure control effectiveness
Required Qualifications
2–3+ years of experience in Information Technology
Minimum of 2 years of experience in cybersecurity risk management
Experience conducting vendor due diligence and third‑party security assessments
Familiarity with security frameworks and standards such as NIST, ISO 27001, SOC, PCI‑DSS, FedRAMP
Experience coordinating technical security integrations across systems and applications
Strong understanding of operating systems, servers, cloud applications, and infrastructure fundamentals
Ability to analyze complex system architectures and identify security integration opportunities
Bachelor’s or Master’s degree in a relevant field
Preferred Qualifications
Experience with Third-Party Risk Management or GRC platforms (e.g., OneTrust, SIG, or similar tools)
Familiarity with identity and access management concepts including SSO, SAML, Active Directory, Azure AD, and cloud IAM
Experience with security logging and event management tools (e.g., SIEM platforms)
Hands‑on exposure to AWS and/or Azure cloud environments
Experience producing operational security metrics and dashboards
Tools & Skills
Strong cybersecurity fundamentals with a focus on risk, controls, and integrations
Experience using productivity and project tracking tools (Microsoft Office, JIRA or similar)
Strong written and verbal communication skills
Work Environment Collaborative, service‑oriented environment where teams support one another while maintaining ownership of individual responsibilities.
#J-18808-Ljbffr