Remote, USA
56 days ago
Senior Information Security Analyst

Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com.

The Bonterra Information Security Risk and Compliance department is looking to hire a Senior Information Security Risk Analyst to our team. If you enjoy problem solving, are enthusiastic working in a team format and want to thrive in the ever-changing risk & compliance field while learning new concepts and principles as part of your continuing education, look no further!
 

Job Responsibilities:

Prepares for and facilitates examinations by qualified security assessors for frameworks such as SOC, ISO 27001, and PCI-DSS.

Works closely with other members of the Information Security, Risk, & Compliance team.

Gathers and synthesizes data; presents conclusions; and offers risk mitigation, remediation and process improvement solutions to management.

Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner.

Identifies potential business risks, operational and regulatory process deficiencies and improvement opportunities.

Communicates risk findings and recommendations that are clear and actionable to all stakeholders.

Performs technical risk assessments of third party suppliers' security and privacy controls.

Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities.

Assists in the initial triage of compliance, risk and security requests in the ticket management system to ensure efficiency and prioritization.

Assists in maintaining our overall security awareness, role-based security trainings and phishing simulation programs across the enterprise.

Assists in conducting user activity audits where required.

Desired Background

6+ years’ experience performing risk and compliance activities or open to less years with addition of relevant course work/degrees

Experience managing multiple priorities independently and in a team environment to achieve goals.

Excellent organizational, planning and time management skills.

Excellent research and analytical skills.

Excellent verbal and written communication skills.

Ability to exercise good judgement and tact in dealing with Bonterra senior management.

Proficient with technology and ability to learn our software systems, including GRC, ticketing and project management software and workflows.

Proven track record of proactively identifying needs and implementing solutions.

May hold one or more information systems security professional certifications (CRISC, CISA, CISSP, CISM, GSEC, GCFA, GCTI, CCSP, or other relevant Information Security certifications).

Compensation

The range displayed on this job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. 

Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and in addition to benefits this role may be eligible for discretionary bonuses/incentives, and equity. 

US Base Salary Range: $85,000 - $100,000

Please note that the compensation range and benefits specified in this job posting is applicable to candidates based in the United States. For international applicants, actual salary offers and benefit plans may vary based on the local market compensation standards and will be determined in accordance with regional considerations, including but not limited to applicable laws, cost of living, and industry norms.  

We will be accepting applications for this role until 11/30/2024

Our Culture:  At Bonterra, we’re innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. To achieve our vision, we cultivate an inclusive environment where diversity is embraced and every team member feels empowered to contribute. Innovation, curiosity, and a commitment to equity guide our work. We foster a culture of belonging, ensuring that every individual is valued, respected, and given the tools to succeed. Together, we are dedicated to making a positive impact in the world.


Our comprehensive and competitive benefits include:

Generous Flexible Time Off (FTO) Policy

Up to 15 paid company holidays including some commemorating social justice events and self-care

Paid volunteer time

Resources for savings and investments

Paid parental leave

Paid sick leave

Health, vision, dental, and life insurance with additional access to health and wellness programs.

Opportunities to learn, develop, network, and connect

Please note the benefits specified on this page are applicable to full-time employees based in the United States. For international employees, actual benefits may vary based on local standards and regulations and will be determined in accordance with regional considerations, including but not limited to applicable laws and industry norms.

We are committed to being an equal opportunity employer and evaluate qualified applicants without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, diversity of thought and any other characteristic protected by applicable law.

Confirm your E-mail: Send Email