Information Security Analyst - GRC
Field Nation
Why is this role important to Field Nation?
At Field Nation, maintaining a robust and proactive security posture is critical to our mission of delivering trusted services and achieving our growth objectives. Our Information Security team is essential in managing risks, ensuring compliance with frameworks like SOC 2 and ISO 27001, and implementing effective security controls across the organization. As an Information Security Analyst, you will play a pivotal role in maturing our Risk Management program, operating and enhancing our SOC 2 scope and processes, and owning our vendor management program. Your expertise in data analytics and risk assessment will help define risk tolerance levels, create data-driven metrics to visualize our security health, and make informed recommendations to leadership. By leading compliance efforts and collaborating across teams, you will directly contribute to protecting our assets, satisfying compliance obligations, and driving continuous improvement. This position offers the opportunity to make a significant impact in a dynamic, high-growth environment where collaboration and innovation are highly valued. This position is located in Dhaka, Bangladesh and reports to the Director of Information Security.What you’ll doDevelop, implement and administer a strategic, comprehensive information security risk management program and security controls library aligned with Field Nation’s risk tolerance.Work collaboratively to scope and execute risk assessments, generate security metrics, and drive remediation.Conduct thorough security evaluations of new vendors and regularly review existing vendors.Collaborate with internal stakeholders to ensure third-party compliance with security requirements and policies and develop new mitigating controls as needed.Identify opportunities to improve Field Nation’s risk posture by developing internal controls to remediate or mitigate third-party risks and assessing their residual risk.Contribute to the design, implementation, and dissemination of Information Security policies, procedures, guidelines and standards.Collaborate across technical teams to support vulnerability analysis, threat modeling, and security control testing efforts for the Field Nation platform and broader organization. Lead the successful completion of the quarterly UAR (User Access Review) audit process.Support our SOC 2 and ISO compliance audits, develop subject matter expertise and maintain a strong working relationship with our External Auditors.Collect and manage evidence in support of information security compliance objectives.Contribute to incident response efforts and documentation in the event of a security incident.What you’ll bring: Bachelor’s Degree in Cybersecurity, Information Systems, Computer Engineering, or related discipline or equivalent experience. Minimum of 3 years’ work experience in IT Risk Management, SOC 2 and ISO compliance and auditing with a strong background in IT controls.A background in auditing SaaS based tech (AWS, GCP, Azure, and other SaaS based vendors like Salesforce, Workday, ServiceNow, etc.).Expert understanding of SOC 2, ISO, and other compliance frameworks.Experience developing, and implementing security and control solutions that address SOC2 and ISO 27001 requirements.Strong data analytics skills (data cleaning, analysis, & visualization) and tools experience (i.e. spreadsheets, SQL, R programming, Tableau). Technical understanding and expertise across multiple information security competency areas. Technical understanding and experience with information security tools (e.g. vulnerability scanners, GRC tools, cloud security posture management). Experience analyzing vulnerabilities and making risk based recommendations influencing leadership.Thorough understanding of security assessment methodology and risk management process.Track record of effectively managing multiple tasks in Agile and dynamic environments.Ability to work under reasonable pressure, while meeting challenging deadlines.Ability to collaboratively influence others to align on desired outcome in areas outside of direct control.Effective communicator with excellent writing and verbal skills.Ability to effectively mentor other team members as needed.Salary & BenefitsCompetitive salary based on experience and qualification.Gratuity benefit.Hybrid Office. (3 days remote,2 days physical)Medical Insurance.FN LLC Performance Reward. Festival Bonus.Gym Membership.Career Development Budget.LinkedIn Learning.Lunch - Fully Subsidized. Sound work-life balance - Regular working hours: 8 hours/day, 5 days a week.Friendly work environment.Flexible leave/vacation policy. A great learning opportunity.The opportunity to work with cross-cultural teams with the US.Annual performance evaluation and increment.Employee Transportation: Drop off available. Office Time1pm - 10 pm. Salary Range70k-100k Why Field Nation?
At Field Nation, we are breaking the barriers to work and enabling the gig economy. We’re a tech company that offers a web-based marketplace solution for buyers and sellers of contract services to simply connect, work, and manage their business. We look for collaborators, innovators, and problem solvers to join us in our common purpose of changing the way work gets done. We were named a Top Workplace by the Star Tribune in 2017, 2018, 2019, and a Top 150 Workplace in 2020. We look to hire extraordinary people and provide them extraordinary benefits.
At Field Nation, maintaining a robust and proactive security posture is critical to our mission of delivering trusted services and achieving our growth objectives. Our Information Security team is essential in managing risks, ensuring compliance with frameworks like SOC 2 and ISO 27001, and implementing effective security controls across the organization. As an Information Security Analyst, you will play a pivotal role in maturing our Risk Management program, operating and enhancing our SOC 2 scope and processes, and owning our vendor management program. Your expertise in data analytics and risk assessment will help define risk tolerance levels, create data-driven metrics to visualize our security health, and make informed recommendations to leadership. By leading compliance efforts and collaborating across teams, you will directly contribute to protecting our assets, satisfying compliance obligations, and driving continuous improvement. This position offers the opportunity to make a significant impact in a dynamic, high-growth environment where collaboration and innovation are highly valued. This position is located in Dhaka, Bangladesh and reports to the Director of Information Security.What you’ll doDevelop, implement and administer a strategic, comprehensive information security risk management program and security controls library aligned with Field Nation’s risk tolerance.Work collaboratively to scope and execute risk assessments, generate security metrics, and drive remediation.Conduct thorough security evaluations of new vendors and regularly review existing vendors.Collaborate with internal stakeholders to ensure third-party compliance with security requirements and policies and develop new mitigating controls as needed.Identify opportunities to improve Field Nation’s risk posture by developing internal controls to remediate or mitigate third-party risks and assessing their residual risk.Contribute to the design, implementation, and dissemination of Information Security policies, procedures, guidelines and standards.Collaborate across technical teams to support vulnerability analysis, threat modeling, and security control testing efforts for the Field Nation platform and broader organization. Lead the successful completion of the quarterly UAR (User Access Review) audit process.Support our SOC 2 and ISO compliance audits, develop subject matter expertise and maintain a strong working relationship with our External Auditors.Collect and manage evidence in support of information security compliance objectives.Contribute to incident response efforts and documentation in the event of a security incident.What you’ll bring: Bachelor’s Degree in Cybersecurity, Information Systems, Computer Engineering, or related discipline or equivalent experience. Minimum of 3 years’ work experience in IT Risk Management, SOC 2 and ISO compliance and auditing with a strong background in IT controls.A background in auditing SaaS based tech (AWS, GCP, Azure, and other SaaS based vendors like Salesforce, Workday, ServiceNow, etc.).Expert understanding of SOC 2, ISO, and other compliance frameworks.Experience developing, and implementing security and control solutions that address SOC2 and ISO 27001 requirements.Strong data analytics skills (data cleaning, analysis, & visualization) and tools experience (i.e. spreadsheets, SQL, R programming, Tableau). Technical understanding and expertise across multiple information security competency areas. Technical understanding and experience with information security tools (e.g. vulnerability scanners, GRC tools, cloud security posture management). Experience analyzing vulnerabilities and making risk based recommendations influencing leadership.Thorough understanding of security assessment methodology and risk management process.Track record of effectively managing multiple tasks in Agile and dynamic environments.Ability to work under reasonable pressure, while meeting challenging deadlines.Ability to collaboratively influence others to align on desired outcome in areas outside of direct control.Effective communicator with excellent writing and verbal skills.Ability to effectively mentor other team members as needed.Salary & BenefitsCompetitive salary based on experience and qualification.Gratuity benefit.Hybrid Office. (3 days remote,2 days physical)Medical Insurance.FN LLC Performance Reward. Festival Bonus.Gym Membership.Career Development Budget.LinkedIn Learning.Lunch - Fully Subsidized. Sound work-life balance - Regular working hours: 8 hours/day, 5 days a week.Friendly work environment.Flexible leave/vacation policy. A great learning opportunity.The opportunity to work with cross-cultural teams with the US.Annual performance evaluation and increment.Employee Transportation: Drop off available. Office Time1pm - 10 pm. Salary Range70k-100k Why Field Nation?
At Field Nation, we are breaking the barriers to work and enabling the gig economy. We’re a tech company that offers a web-based marketplace solution for buyers and sellers of contract services to simply connect, work, and manage their business. We look for collaborators, innovators, and problem solvers to join us in our common purpose of changing the way work gets done. We were named a Top Workplace by the Star Tribune in 2017, 2018, 2019, and a Top 150 Workplace in 2020. We look to hire extraordinary people and provide them extraordinary benefits.
Confirm your E-mail: Send Email
All Jobs from Field Nation