As an Information Security Specialist at Venminder you’ll be performing risk assessments on a wide variety of organizations providing services to our clients. You’ll be exposed to the internal control environment within these organizations through assessing their policies, questionnaire responses, and audit reports against our established risk assessment templates.
- Perform risk assessments on organizational controls around information security including cyber and physical, business continuity and disaster recovery, resiliency, privacy, and governance.
- Provide guidance to clients, fellow team members, and supporting teams.
- Participate in the creation and review of industry education materials such as content for blog posts, infographics, and webinars.
- Follow established processes in the performance of risk assessments.
- Other duties as assigned.
- Minimum of 4 years of experience in Information Security, Risk Management, or related field.
- Ability to work remotely effectively.
- Information Security, Risk, or Audit certifications preferred. Examples of preferred: CISSP, CISA, CISM
- Ability to think logically and creatively to find and present solutions to questions.
- Ability to compose client-facing narrative responses to technical questions.
- Understanding of an organization’s overall control environment.
- Ability to work effectively in a high-volume environment.
- Proficient in Microsoft Word and Excel.
- Ability to smoothly transition between changing priorities and processes.
- Self-motivated and results oriented.
In this role, you’d be joining a team of security professionals with a wide range of experience. This is a non-technical role where you’ll be performing risk assessments, reviewing and assessing security policies and procedures from across multiple industries and putting together assessments for our clients. There is no hands-on configuration of security systems or on call technical support needs in this role.
- This role is fully remote outside of an annual team meeting where you’ll be expected to join the team in the office.
- Knowledge and understanding of overall security, resiliency, and privacy, or at least a large subset, is required. You’ll shadow senior members of the team for initial training on how to perform Venminder’s risk assessment services and other activities.
- The team is fully remote, but all members are always available to answer questions and discuss how each other would treat scenarios you encounter and general watercooler discussion.