iSpace, Inc.
Base pay range
$60.00/hr - $65.00/hr
Title:
Information Security Analyst
Duration:
12+ months contract
Hybrid role:
3 days Office, 2 days work from home
Pay rate:
$65 per hr on W2
Location requirement:
Local to Los Angeles candidates only
Summary This is a hands‑on security position working within the Information Security group and with the internal IT department at large. The key focus is to consistently deliver measurable end‑to‑end security services and develop and deploy capabilities that protect enterprise systems and data with the necessary controls and tools to meet policy and compliance requirements.
Responsibilities
Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines and monitoring for renewals and savings opportunities.
Participate in risk reviews of the IT control framework (NIST CSF, CIS, ITIL, ISO 27001, etc.).
Conduct thorough vendor, product and application security assessments, partnering with systems owners to integrate security early during the project lifecycle.
Coordinate across service owners the implementation of core security integrations (SSO, event logs, secrets, alerting, threat modelling and backup/recovery) with applications developed in‑house and externally/ SaaS hosted environments.
Partner with business groups to review workflows and produce outputs to enhance security processes.
Support the development and implementation of a data protection program.
Coordinate with IRM leadership to develop and deliver key security metrics, ensuring technical controls meet desired objectives and measure effectiveness.
Required Capabilities
A minimum of 2-3 years in Information Technology.
A minimum of 2 years’ experience in cybersecurity risk management.
A Bachelor’s or Master’s Degree in a relevant field.
Strong analytical skills in conducting due diligence to identify, assess and prioritize vendor risks.
Familiarity with information security frameworks (NIST, ISO 27001), data privacy regulations (GDPR, CCPA) and security certifications/attestations (SOC, ISO, PCI DSS, FedRAMP).
Experience coordinating technical integrations for security tooling and processes.
Ability to review complex system architectures to locate key security integration opportunities.
Produce a comprehensive, written security assessment of a vendor’s security posture.
Experience using security analytics tooling to produce operational metrics and dashboards.
Solid understanding of the fundamental operations of servers, operating systems, cloud applications and infrastructure.
Desired Skills
Core skills in cybersecurity fundamentals and third‑party risk management.
Familiarity with Third Party Risk Management tools/processes such as OneTrust, SIG or similar GRC platforms.
Hands‑on experience in Azure and AWS cloud environments and familiarity with core cloud services and architecture.
Knowledge of core security concepts such as single sign‑on (PingFed, SAML), identity and access administration (Active Directory, Azure AD, AWS IAM), and event management (Splunk).
Expertise in using Microsoft Office suite and JIRA.
Contact If you’re interested in the above role please send your updated resume to
chakravarthi.savalam@ispace.com .
#J-18808-Ljbffr
Title:
Information Security Analyst
Duration:
12+ months contract
Hybrid role:
3 days Office, 2 days work from home
Pay rate:
$65 per hr on W2
Location requirement:
Local to Los Angeles candidates only
Summary This is a hands‑on security position working within the Information Security group and with the internal IT department at large. The key focus is to consistently deliver measurable end‑to‑end security services and develop and deploy capabilities that protect enterprise systems and data with the necessary controls and tools to meet policy and compliance requirements.
Responsibilities
Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines and monitoring for renewals and savings opportunities.
Participate in risk reviews of the IT control framework (NIST CSF, CIS, ITIL, ISO 27001, etc.).
Conduct thorough vendor, product and application security assessments, partnering with systems owners to integrate security early during the project lifecycle.
Coordinate across service owners the implementation of core security integrations (SSO, event logs, secrets, alerting, threat modelling and backup/recovery) with applications developed in‑house and externally/ SaaS hosted environments.
Partner with business groups to review workflows and produce outputs to enhance security processes.
Support the development and implementation of a data protection program.
Coordinate with IRM leadership to develop and deliver key security metrics, ensuring technical controls meet desired objectives and measure effectiveness.
Required Capabilities
A minimum of 2-3 years in Information Technology.
A minimum of 2 years’ experience in cybersecurity risk management.
A Bachelor’s or Master’s Degree in a relevant field.
Strong analytical skills in conducting due diligence to identify, assess and prioritize vendor risks.
Familiarity with information security frameworks (NIST, ISO 27001), data privacy regulations (GDPR, CCPA) and security certifications/attestations (SOC, ISO, PCI DSS, FedRAMP).
Experience coordinating technical integrations for security tooling and processes.
Ability to review complex system architectures to locate key security integration opportunities.
Produce a comprehensive, written security assessment of a vendor’s security posture.
Experience using security analytics tooling to produce operational metrics and dashboards.
Solid understanding of the fundamental operations of servers, operating systems, cloud applications and infrastructure.
Desired Skills
Core skills in cybersecurity fundamentals and third‑party risk management.
Familiarity with Third Party Risk Management tools/processes such as OneTrust, SIG or similar GRC platforms.
Hands‑on experience in Azure and AWS cloud environments and familiarity with core cloud services and architecture.
Knowledge of core security concepts such as single sign‑on (PingFed, SAML), identity and access administration (Active Directory, Azure AD, AWS IAM), and event management (Splunk).
Expertise in using Microsoft Office suite and JIRA.
Contact If you’re interested in the above role please send your updated resume to
chakravarthi.savalam@ispace.com .
#J-18808-Ljbffr