Senior Analyst (Information Security Support)

Senior Analyst (Information Security Support)

About Us

Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.

About The Role

Tevora is seeking a passionate Senior Analyst who has a solid balance between business acumen and technical expertise. Comfortable across various disciplines of information security, this analyst consultant will be responsible for supporting clients in a variety of roles, such as Governance, Risk, and Compliance (GRC) programs, audit support, policy and procedure development, and advising on InfoSec best practices.

A day in the life could include

• Directly support clients in a variety of roles, such as Governance, Risk, and Compliance (GRC) programs, audit support, policy and procedure development, and advising on Information Security best practices.
• Coordinating and managing Clients regarding internal or external audits, including:
  • Control compliance review
  • Evidence collection
  • Coordination of audit work
• Leading or supporting compliance and risk assessments, including providing guidance to junior resources
• Conducting interviews with clients to analyze their information security controls or risk and identify recommendations
• Execute on multiple client engagements simultaneously
• Communicating with project stakeholders to effectively convey requirements of technical and process improvements.
• Assisting in the development of customized policies, procedures, controls, disaster recovery plans and other documentation for applications, systems, and infrastructure.
• Working with cross-functional teams to provide InfoSec compliance support, and maintaining communicating across groups
• Additional duties as assigned

Necessary skills and qualifications

• Connect easily with clients and colleagues to communicate effectively across business and technical boundaries- to offer recommendations as an expert with best practices.
• Work independently without detailed guidance, including anticipating the next steps and problem solving
• Understanding and predicting customer and project needs
• Ability to balance various project timelines and prioritize differing client needs
• Be proficient in writing executive level reports and technical documentation.
• Have comprehensive knowledge of common IT and security concepts, with a strong desire to expand knowledge base
• At least one Accounting, Risk or IT certification held or in process (i.e., CPA, CISSP, CISA, CISM, CRISC).
• Bachelor's Degree from an accredited 4-year university
• Minimum 3 years of experience in information security, information technology, business consulting, enterprise risk or compliance field.
• Direct experience with at least one of the following compliance frameworks: ISO 27001, SOC 2, SOC 1, SOX, or PCI-DSS

Bonus Points

• Demonstrated experience as an Information Security Compliance Auditor
• At least 2 years' experience in client-facing role (e.g., consulting or external auditor)

We've got you covered!

• Comprehensive benefits offering
• Paid time off and holidays
• 401k with Company match
• Vibrant work culture

Additional requirements

• A valid driver's license is required.
• Eligibility to work in the United States.
• Must be available to work a hybrid schedule at our Irvine, CA office.

EEOC Statement

Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.