eFront is a leading software provider of end-to-end solutions dedicated to the financial services industry with a recognized expertise in enterprise risk management and alternative investments. eFront's solutions serve more than 700 customers in 40 countries, including companies in the private equity, real estate investment, banking and insurance sectors. eFront's primary product suites offer tightly integrated solutions for streamlining the management of alternative investments and corporate risk. Founded in 1999, eFront services clients worldwide from offices in Asia, Europe, the Middle East and North America. For more information visit www.efront.com and follow us on LinkedIn at www.linkedin.com/company/efront.
The eFront Environment
eFront is a rapidly growing financial software provider. Our company is fast-paced and requires you to take ownership of your role. For those who strive to understand the business; for those who foster teamwork, knowledge sharing and an optimistic approach; for those who want to be fully engaged in their – career advancement and opportunity can be achieved quickly.
We are looking for a highly motivated individual to join our Information Security team. The team is responsible for overall security of information systems at efront and their compliance with CIA principles of information security.
Information Security Analyst
- Provide information security expertise to assist with achievement of information systems compliance programs (SOC2 Type 2, ISO27K)
- Provide information security expertise during pre-sales, sales and post-sales activities at eFront
- Propose and implement corporate business processes that improve overall security posture at eFront
- Maintain knowledge of constantly changing security and privacy landscape and propose initiatives related to industry changes
- Work with internal and external stake holders on security audits and remediation processes
ESSENTIAL JOB FUNCTIONS
- Responsible for monitoring internal compliance against information security policies and standards by conducting testing and internal control reviews and risk assessments.
- The individual will maintain awareness of external regulations for new or changed requirements within IT and identify industry standards from which base core IT processes (e.g. ISO27001, NIST, SSAE16, etc.) are established.
- This position represents the company’s interest with customers, external and internal auditors and 3 rd party service providers.
- Facilitates with internal and external audits within IT, as well as periodic assessments to address specific risks.
- Reviews IT audit results with the various IT functions providing observations, recommendations and conclusions as well as assist in identifying and communicating control gaps and evaluating management remediation action plans and related reporting
- Bachelor's degree in Business, with IT audit or compliance experience, or Computer Science, with business and IT Audit/Compliance experience desired
- 1-3 years of experience, IT Audit, Compliance, and/or Technology
- Knowledge of regulatory standards SOC, ISO, privacy shield is a plus.
- Experience with various technologies, including SharePoint, networks, platforms, and applications. Knowledge of IT audit methodologies and control frameworks.
- Knowledge of Linux is a plus
- Familiarity with security scanning and penetration tools (OpenVas, Qualys, Acunetix) is a plus
Please send us your CV in English.