- Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and report on potential vulnerabilities and control gaps.
- Respond directly to standard vendor security questionnaires and support internal teams in answering security-related questions from prospects.
- Assist in tracking and collecting evidence for ongoing SOC 2 and ISO 27001 compliance audits.
- Proactively identify emerging threats and associated risks to existing business processes and corporate assets, and collaborate with senior team members to develop practical security solutions.
- Coordinate and deliver security awareness training programs to employees.
- Assure compliance to outside regulations affecting the company.
- Collect and maintain security and compliance metrics for team dashboards.
- Partner with Legal, Engineering, IT, Finance, and HR to ensure corporate security policies are understood and followed.
- Identify operational inefficiencies in existing security controls and help design smoother workflows.