Jobs · Sales · Arizona

Third-Party Risk & Senior InfoSec Analyst

OneAZ Credit Union · Phoenix, AZ · 1 wk ago
Sales$84k–$105k/yrFull-time

Who You Are

You’re impactful, compassionate, and fearless, ready to embrace new challenges and shape the future of financial well-being. You take accountability for our success and thrive in an environment where curiosity is celebrated. If this sounds like you, let’s build something great together.

What You’ll Do

  • Perform risk-based due diligence and ongoing monitoring of third-party vendors
  • Review and analyze Security questionnaires
  • Review and analyze SOC 1 / SOC 2 reports
  • Review and analyze Business continuity and disaster recovery documentation
  • Document vendor risk assessments and identify control gaps
  • Drive remediation efforts and follow up with business owners and vendors
  • Maintain vendor risk inventory and supporting documentation
  • Aid in preparing reports for management and regulatory exams
  • Escalate overdue remediation items and unresolved control gaps
  • Support coordination of incident response activities (cybersecurity, and security/operational incidents)
  • Track incidents from identification through resolution
  • Manage incident documentation, evidence tracking, and record maintenance
  • Aid in post-incident reviews, including root cause analysis and lessons learned
  • Support development and maintenance of incident response procedures and playbooks
  • Coordinate with IT and compliance teams to ensure timely execution of security operational requirements
  • Ensure documentation is complete, organized, and audit-ready
  • Identify and deliver security training programs to employees, promoting best practices and enhancing the organization’s security posture
  • Review penetration testing and security. Perform ongoing analysis of security systems logs and intrusion detection tools/procedures
  • Monitor changes in the security industry including new vulnerabilities, viruses, intrusions, fraud schemes, and best practices and tools available for system/network protection. Recommend appropriate technical changes to maintain designated security protection levels

What You Bring

  • A High School Diploma or GED
  • A Bachelor's Degree in Business, Information Security, Risk Management, or related field (or equivalent experience)
  • 3-5 years similar or related experience in one or more areas: Vendor/Third-Party Risk Management, Information Security or IT Risk, Incident Management or Incident Response
  • Understanding of vendor risk management and due diligence practices
  • Familiarity with SOC reports and basic control frameworks
  • Working knowledge of incident response lifecycle and documentation
  • Strong attention to detail and documentation discipline
  • Ability to manage multiple priorities and meet deadlines
  • Effective written and verbal communication skills
  • Demonstrated ability to independently manage operational security tasks and drive follow-through across stakeholders
  • Strong written and verbal communication with consistent escalation and status reporting discipline

Compensation & Benefits

  • Generous paid time off: paid holidays, floating holidays, personal days, vacation days, plus sick time
  • Low-cost Medical, Dental & Vision plans
  • Paid childcare assistance
  • Award-winning 401K
  • Gym fee reimbursement
  • Tuition Reimbursement
  • Student loan repayment

Additional Notes

  • Knowingly submitting false information will result in disqualification for consideration of future positions, termination of employment and forfeiture of other rights.
  • Candidates for this position will be required to sign an authorization for OneAZ to conduct a credit and criminal background check, pursuant to procedures in the Fair Credit Reporting Act and any other applicable laws.
  • All candidates will be considered for this position on an individualized basis, in compliance with all applicable equal employment opportunity laws.
  • Any individual who meets the definition of a mortgage loan originator (MLO) and is employed by a federal agency-regulated institution will need to be registered on the Nationwide Mortgage Licensing System (NMLS).
  • Ensures compliance with applicable policies, laws, and regulations, including the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) compliance, USA Patriot Act, and Office of Foreign Assets Control (OFAC).

Position Grades

Position grades could fluctuate based on market value.

Apply for this job

* indicates a required field

Similar jobs