Associate Security Analyst

We are searching for an Associate Security Analyst! 

First, what is CyberGRX? 

CyberGRX is at the cutting edge of cybersecurity technology by providing enterprises and their third-party vendors with the most cost-effective and scalable approach to cyber risk management. With 63% of data breaches being linked to a third party, CyberGRX arms organizations with the data and advanced analytics to efficiently manage, monitor and mitigate risk in their partner ecosystems. Built on the market's first third-party cyber risk Exchange, CyberGRX combines both third-party vendors and enterprise organizations in one easy-to-navigate platform to streamline the risk assessment process. 

What does an Associate Security Analyst do at CyberGRX? 

Security Analysts play a vital role in securing CyberGRX’s sensitive data, information systems, and personnel. Analysts work inter-departmentally to identify, research, and address specific flaws in the company’s information systems and procedures, while recommending measures that will improve CyberGRX’s overall security posture. As a Security Analyst you will be immersed in the world of cybersecurity that is constantly evolving and facilitating new challenges and opportunities to advance your knowledge and skills. This  role requires an inquisitive mind, exceptional attention to detail, and the ability to manage multiple concurrent workflows and projects. 

What a day in the life looks like (Role Responsibilities):

• You will learn how to monitor and respond to notifications and alerts from security tools such as Lacework, Tenable, Cylance, Google Workspace, etc.
• You will evaluate the security of third-party vendors and collaborating with them to develop corrective action plans
• You will analyze security incident data to identify and document root causes
• You will research security vulnerabilities and industry trends
• You will perform routine security activities such as access review audits
• You will assist in the maintenance of the company’s security governance documentation (policies, plans, and standards)
• You will manage the security awareness training program, including designing and conducting internal phishing campaigns
• You will manage the Risk Register including working with appropriate stakeholders to address identified risks

What you bring to the table (Qualifications/Skills): 

• You have already demonstrated a burning desire to understand cybersecurity concepts and work in the cybersecurity industry
• You have at minimum, a basic knowledge of fundamental security principles such as threats, vulnerabilities, and risks
• You bring an inquisitive and knowledge seeking mindset
• You have a structured and detail-oriented work mentality
• You have a knack for creative problem solving
• You take joy in successfully completing recurring tasks
• You have strong writing and documentation skills
• You have excellent interpersonal skills
• You are a “self-starter”, who is intrinsically motivated
• Bonus points if you have the following:
• You have successfully completed the Sec+, Network+, or similar certifications
• You have completed any formal training or degrees in information technology or security domains
• You have built personal computers or home networks for fun
• You have completed an internship or year of work in an IT or other tech-based role

Why you want to work for CyberGRX:

• We offer a competitive base salary (commensurate with experience) plus incentive compensation. 
• We have an incredible benefits package including:
• 100% Company paid medical/dental/vision for employees & generous company contribution for dependent health benefits 
• 401(k) program, including employer match up to 3% of your base salary
• $100/month stipend to use for wellness and WFH expenses
• Equity – Acting like an owner is one of our Core Values
• Remote Friendly Work Environment 
• Open Time Off policy - Take the time you need when you need it.
• We are doing new and exciting things and have big plans for growth!

Annual Base Salary Range: $55,000 - $65,000

Annual Bonus Potential: 10% of base salary

We encourage you to apply if this role excites you - even if you think you may not have the exact skillset. We believe in cultivating an environment where there is a diversity of perspectives, in hopes that we can all thrive in an inclusive environment.  

CyberGRX does not discriminate in employment matters on the basis of race, color, religion, gender, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity.

*CyberGRX requires employees working in the office and attending in-person company events to be fully vaccinated against COVID-19.