Information Security Risk Analyst - Third Party Risk

New York, NY

Who We Are

Information Security builds technologies, tools and processes to better enable teams at Twitter to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties securely protect Twitter information. This role will be part of the Security Risk Management team which focuses on handling our 3rd party security processes.


What You’ll Do

  • Figure out inherent risks of current and prospective third party products, services, and data partnerships
  • Design and execute third party security assessments and prioritize control remediation as appropriate
  • Build and maintain strong cross-functional relationships to help with expectation setting, training and awareness, and consistency in our review processes
  • Build metrics that help educate internal organizational leaders on their third party’s information security profile
  • Demonstrate strong knowledge in IT controls, risk assessments, and the design and testing of security controls
  • Be an inspiring leader in Information Security and align initiatives with business objectives of the company
  • Find opportunities to continuously improve the program through innovation with tangible value to the organization
  • Chip in to other projects adjacent to this work within the Security Risk Management team


Who You Are

  • Have worked in the third party security risk management space
  • Have knowledge of common security risks, vulnerabilities, and threats
  • Familiar with common audit and risk management methodologies
  • A critical thinker, passionate, ambitious, and detail oriented
  • Able to discuss issues at technical and business levels with audiences of various backgrounds


Requirements

  • Bachelor degree in Information Security, Computer Science, Management Information Systems or related field preferred
  • Minimum 3+ years of related work experience in Information Security GRC or relevant Audit or Compliance roles
  • Able to communicate relevant information clearly and concisely both verbally and in writing
  • Able to work independently on multi-task assignments in a fast-paced environment
  • Familiar with information security frameworks (e.g., ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust Principles, PCI DSS, NIST 800-53/CSF)
  • Prior experience with conducting and analyzing security risk assessments at large complex organizations
  • Professional certifications in Information Security or Risk Management (e.g., CTPRA, CTPRP, CISA, CISM, CRISC, or CISSP)


We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Engineering Hiring Process

Step 1

Once your application is received, a recruiter will reach out pending your qualifications are a match for the role.

Step 2

If your background is a match, you may have 1-2 technical phone interviews or be given the chance to provide a work sample depending on the role.

Step 3

If the phone interviews go well or your work sample is strong, the final step includes interviews with 5-6 people held onsite in our office.

Application

Personal Information

Required field. PDFs only; max file size is 1MB.
Required field. PDFs only; max file size is 1MB.

U.S.  Equal Employment Opportunity Information  (Completion is Voluntary)

At Twitter, we have a bold aspiration to reach every person on the planet. We believe that goal is more attainable with a team that understands and represents different cultures and backgrounds and we are committed to an inclusive and diverse Twitter.

This is where you come in! Please take a few minutes to provide us with your information. You are not required to provide this information and you may select “Decline to Disclose”. Your decision to provide information (or not) will not affect your employment or opportunities at Twitter.

Twitter is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.

You can view the ‘EEO is the Law’ poster here.

Twitter does not accept any unsolicited resumes from recruiting agencies and will not pay fees associated with any such resumes. Agencies, please do not send resumes to any Twitter location, employee, or email address.

Twitter, Inc. is committed to working with and providing access and reasonable accommodations to applicants with physical or mental disabilities. If you need an accommodation in order to apply for open job opportunities, please submit a description of your accommodation request to RARequest-Recruiting@twitter.com. This email is only for accommodation requests related to the application process.

Twitter cares about your privacy and protecting your data.  Please click the privacy policy link and acknowledge you have read and understood how Twitter treats your privacy and your data.  

Would you like to receive email communication from Twitter about career opportunities? You may unsubscribe at any time.
Applicant Data - You have a choice. Can we keep your personal data for both the job you are applying for and any other Twitter jobs that we feel you may be a match for? If you choose yes we will retain your personal data for a period of twelve months to consider you for other job opportunities at Twitter.
Analytics - May we use personal data from your resume and application to analyze and improve the Twitter hiring experience.
Success
Thanks for applying!
Error
Submission failed. Please make sure all fields are correctly formatted.