{"id":728,"date":"2025-12-03T15:23:23","date_gmt":"2025-12-03T15:23:23","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=728"},"modified":"2025-12-03T15:23:26","modified_gmt":"2025-12-03T15:23:26","slug":"information-security-compliance-analyst-soc-reporting-vendor-risk","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/information-security-compliance-analyst-soc-reporting-vendor-risk\/","title":{"rendered":"Information Security Compliance Analyst \u2013 SOC Reporting &#038; Vendor Risk"},"content":{"rendered":"\n<p>\u200bThis is a full-time, <strong>remote<\/strong> <strong>Information Security Compliance Analyst<\/strong> role at Bonterra, a technology company dedicated to the social good industry. The analyst will be the primary resource for executing the company&#8217;s annual <strong>Service Organization Controls (SOC)<\/strong> reporting and will be heavily involved in <strong>vendor risk management<\/strong> and enterprise-wide security programs.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Location:<\/strong> Remote, United States.<\/li>\n\n\n\n<li>\u200b<strong>US Base Salary Range:<\/strong> $75,000 &#8211; $100,000.<\/li>\n\n\n\n<li>\u200b<strong>Experience:<\/strong> 6+ years&#8217; experience performing risk and compliance activities (or less experience with a relevant degree).<\/li>\n\n\n\n<li>\u200b<strong>Focus:<\/strong> Leading SOC reporting initiatives, performing technical risk assessments of third-party suppliers, maintaining vendor registers, and assisting with security awareness and training programs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bJob Responsibilities: Audit, Risk, and Program Management<\/h3>\n\n\n\n<p>\u200bThe analyst is central to maintaining Bonterra&#8217;s compliance posture and managing third-party risk.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>SOC Reporting Lead:<\/strong> Perform as the primary in executing the annual <strong>Service Organization Controls (SOC)<\/strong> reporting initiatives across several Bonterra products.<\/li>\n\n\n\n<li>\u200b<strong>Audit Coordination:<\/strong> Work closely with control owners and internal\/external auditors to ensure requests are completed efficiently as part of the overall project management process.<\/li>\n\n\n\n<li>\u200b<strong>Vendor Risk Management (VRM):<\/strong> Perform <strong>technical risk assessments<\/strong> of third-party suppliers&#8217; security and privacy controls. Maintain a register of relevant suppliers, controls, and risks for ongoing VRM activities.<\/li>\n\n\n\n<li>\u200b<strong>Program Support:<\/strong> Assist in maintaining the overall <strong>security awareness<\/strong>, role-based security training, and phishing simulation programs across the enterprise.<\/li>\n\n\n\n<li>\u200b<strong>Incident Response:<\/strong> Responsible for creating the playbook for reporting of high-risk events that involve compliance, risk, and information security.<\/li>\n\n\n\n<li>\u200b<strong>Internal Audits:<\/strong> Assist in conducting user activity audits where required.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bRequired Qualifications and Certifications<\/h3>\n\n\n\n<p>\u200bThe role requires strong organizational skills, proven project management capability, and preferred certifications in the risk and compliance domain.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Experience:<\/strong> 6+ years&#8217; experience performing risk and compliance activities (or relevant degree with less experience).<\/li>\n\n\n\n<li>\u200b<strong>Management Skills:<\/strong> <strong>Project management experience<\/strong>, experience managing multiple priorities independently, and excellent organizational, planning, and time management skills.<\/li>\n\n\n\n<li>\u200b<strong>Analytical Skills:<\/strong> Excellent research and analytical skills.<\/li>\n\n\n\n<li>\u200b<strong>Communication:<\/strong> Excellent verbal and written communication skills, with the ability to exercise good judgment when dealing with senior management.<\/li>\n\n\n\n<li>\u200b<strong>Software Proficiency:<\/strong> Proficient with technology and ability to learn software systems, including <strong>GRC, ticketing, and project management software<\/strong> and workflows.<\/li>\n\n\n\n<li>\u200b<strong>Preferred Certifications:<\/strong> Information systems security professional certifications preferred (e.g., <strong>CRISC, CISA, CISSP, CISM, GSEC, GCFA, GCTI, CCSP<\/strong>, or other relevant certifications).<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u200bThis is a full-time, remote Information Security Compliance Analyst role at Bonterra, a technology company dedicated to the social good industry. The analyst will be the primary resource for executing the company&#8217;s annual Service Organization Controls (SOC) reporting and will be heavily involved in vendor risk management and enterprise-wide security programs. \u200bJob Responsibilities: Audit, Risk, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[43],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[1505,2231,3388,3385,136,81,1616,3387,3386,3384],"class_list":["post-728","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-cisa","jobpost_tag-cissp","jobpost_tag-crisc","jobpost_tag-information-security-compliance-analyst","jobpost_tag-project-management","jobpost_tag-remote","jobpost_tag-risk-assessment","jobpost_tag-security-awareness","jobpost_tag-soc-reporting","jobpost_tag-vendor-risk-management-vrm"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=728"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=728"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=728"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=728"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}