Senior Analyst, Information Security & IT Vendor Risk Management

Requirements

• Bachelor's degree required
• Minimum of 5 years of experience in IT security risk management, third-party/vendor risk management, or related fields
• Previous vendor management experience required
• Understanding of security risks across IT operations, including application development, cloud infrastructure, and disaster recovery
• Proficient in applying security and compliance frameworks such as NIST, ISO 27001, SOC 2, PCI DSS, HITRUST, GDPR, CMMC, and HIPAA
• Experience managing or administering vendor risk management (VRM/TPRM) or governance, risk, and compliance (GRC) platforms
• Skilled in evaluating SOC 2 reports, penetration test results, security questionnaires, and vendor security documentation
• Proven ability to assess risk and identify vulnerabilities through detailed risk reviews
• Demonstrated experience supporting third-party cyber incidents and breach response efforts

Benefits

• Employer Paid Benefits
• 401K with Employer Match
• QRest Sabbatical
• Employee Stock Purchase
• QTS scholarship for dependents
• Eagle Club award trip eligibility
• Paid volunteer days
• Tuition assistance, parental leave and military leave assistance