Why this role is important to Field Nation?
The Information Security team works across the Technology organization and Field Nation to implement, monitor, and continuously improve Field Nation’s security, risk, and compliance programs.
As a Information Security Analyst, you will be instrumental in enhancing Field Nation’s Third Party Risk, Vulnerability, and Enterprise Risk Management Programs. Collaborating closely with the Information Security Team, you will build, implement, and contribute to security metrics, policies, procedures, guidelines, and standards within these domains. This role will report to the Director of Information Security.
Your role involves conducting detailed assessments, identifying risks, and improving our overall risk posture through the development and implementation of robust internal controls. Leading third-party risk assessments, you will manage the development and execution of remediation actions and contingency plans tied to third-party risks. Additionally, you will support the triage, reporting, tracking, and validating identified vulnerabilities across our technology stack.
Your efforts will help drive continuous improvement and promote the adoption of security best practices across the organization. The programs you will support are crucial to Field Nation understanding its risk posture and contributing to a more secure environment.
What you’ll do
Third Party Risk: Lead the vendor assessment process and monitor third-party vendors' security practices.Conduct thorough security evaluations of new vendors and regularly review existing vendors.Collaborate with internal stakeholders to ensure third-party compliance with security requirements and policies and develop new mitigating controls as needed.Develop, monitor, and possibly execute third party remediation actions, mitigation and contingency plans when risks or events are identified.Maintain and update the vendor risk management database and related documentation.Collaborate cross-functionally throughout a vendor’s lifecycle to coordinate assessment cadence and scheduling.Identify opportunities to improve Field Nation’s risk posture by developing internal controls to remediate or mitigate third party risks, and assessing the residual risk of third parties.Vulnerability Management:Assist in the identification, assessment, and prioritization of security vulnerabilities across our systems and applications.Support the vulnerability scanning process, analyze results, and coordinate remediation efforts with relevant teams.Track and document vulnerabilities and remediation activities to ensure timely resolution.Develop reporting, metrics, and status updates on remediation efforts.Contribute to the continuous improvement of the vulnerability management program.Enterprise Risk Management:Work collaboratively to generate and report domain-specific security metrics.Contribute to the design, implementation, and dissemination of Information Security policies, procedures, guidelines, and standards.Contribute and drive risk remediation actions to address the root causes that persistently lead to operational risk by challenging both historical and proposed practices.Contribute to incident response efforts and documentation in the event of a security incident.Lead the successful completion of the quarterly UAR (User Access Review) audit process.Assist in the collection of audit evidence to support our security compliance audits.What you’ll bring:
Bachelor’s Degree in Cybersecurity, Information Systems, Computer Engineering, or related discipline or equivalent experience.1-3 years of work experience in Information Security, Risk Management, or related field.Strong understanding of information security principles, risk management, and vulnerability management.Experience with and understanding of security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls).Proven track record of delivering quality third-party/vendor risk and vulnerability management work products.Strong data analytics skills (data cleaning, analysis, & visualization) and tools experience (i.e. spreadsheets, SQL, R 'programming, Tableau).Technical understanding and experience with information security tools (e.g. vulnerability scanners, GRC tools, cloud security posture management).Desire to learn about analyzing vulnerabilities and making risk based recommendations influencing technology teams.Passion for iterating and improving existing technical processes and programs.Thorough understanding of security assessment methodology and risk management process.Track record of effectively managing multiple tasks in Agile and dynamic environments.Ability to work under reasonable pressure, while meeting challenging deadlines.Ability to collaboratively influence others to align on desired outcome in areas outside of direct control.Effective communicator with excellent writing and verbal skills.Ability to effectively mentor other team members as needed.Salary & Benefits
Competitive salary based on experience and qualification.Gratuity benefit.Hybrid Office. (3 days remote,2 days physical)Medical Insurance.FN LLC Performance Reward. Festival Bonus.Gym Membership.Career Development Budget.LinkedIn Learning.Lunch - Fully Subsidized. Sound work-life balance - Regular working hours: 8 hours/day, 5 days a week.Friendly work environment.Flexible leave/vacation policy. A great learning opportunity.The opportunity to work with cross-cultural teams with the US.Annual performance evaluation and increment.Employee Transportation: Drop off available. Office Time
1pm - 10 pm. Why Field Nation?
At Field Nation, we are breaking the barriers to work and enabling the gig economy. We’re a tech company that offers a web-based marketplace solution for buyers and sellers of contract services to simply connect, work, and manage their business. We look for collaborators, innovators, and problem solvers to join us in our common purpose of changing the way work gets done. We were named a Top Workplace by the Star Tribune in 2017, 2018, 2019, and a Top 150 Workplace in 2020. We look to hire extraordinary people and provide them extraordinary benefits.
