Senior Security Analyst

At ZoomInfo, we encourage creativity, value innovation, demand teamwork, expect accountability and cherish results. We value your take charge, take initiative, get stuff done attitude and will help you unlock your growth potential. One great choice can change everything. Thrive with us at ZoomInfo.

As a key member of our Security Governance, Risk, and Compliance (GRC) team, the Senior Security Analyst will play a pivotal role in safeguarding our company's data and infrastructure by managing 3 main domains: VRM, security certifications and attestations, and Customer RFP processes.

Collaborating closely with IT, procurement, risk management, and sales teams, this role significantly impacts our business by enhancing security measures, managing vendor and partner relationships, and streamlining security and compliance processes. The role is data security centric and requires a detail oriented technical acumen. The Senior Security Analyst is central to our ongoing efforts to protect sensitive data and ensure a secure operational environment, thereby supporting customer trust.

What you will do:

- Third-Party Reviews: Conduct comprehensive security assessments and audits of vendors and partners to ensure they meet our strict security standards.

- VRM Program Improvements: Collaborate with the Help Desk, Legal, and Procurement teams to automate the Vendor Risk Management (VRM) processes, enhancing efficiency and risk management, ensuring compliance and safeguarding against potential security threats.

- SOC2 Audits and Gap Assessments: Lead SOC2 Type1 and Type2 audit preparations and conduct gap assessments to maintain compliance and security standards.

- Audit Assurance: Manage and conduct SOC, ISO, and other security audits as needed, utilizing industry standard GRC and VRM tooling to ensure ongoing compliance with security best practices.

- Ad-Hoc Security Projects: Address ad hoc requests from within the Security GRC team on risks, compliance, and security control implementation

What you will bring:

- Proven experience in cybersecurity analysis, risk management, and compliance (SOC 2, CMMC, ISO, NIST, CSA Level II) within a tech or data-centric organization

- Expertise with SOC2 audits, VRM programs, and IT security best practices.

- Demonstrated ability to work cross-functionally with IT, Procurement, Sales, and other departments to drive security initiatives with the ability to lead complex interaction with Senior Management

Actual compensation offered will be based on factors such as the candidate's work location, qualifications, skills, experience and/or training. Your recruiter can share more information about the specific salary range for your desired work location during the hiring process.

We want our employees and their families to thrive. In addition to comprehensive benefits we offer holistic mind, body and lifestyle programs designed for overall well-being. Learn more about ZoomInfo benefits here.

#LI-TG

#LI-Hybrid

About us:

ZoomInfo (NASDAQ: ZI) is the trusted go-to-market platform for businesses to find, acquire, and grow their customers. It delivers accurate, real-time data, insights, and technology to more than 35,000 companies worldwide. Businesses use ZoomInfo to increase efficiency, consolidate technology stacks, and align their sales and marketing teams — all in one platform.

ZoomInfo may use a software-based assessment as part of the recruitment process. More information about this tool, including the results of the most recent bias audit, is available here.

ZoomInfo is proud to be an Equal Opportunity employer. We are committed to equal employment opportunities for applicants and employees regardless of sex, race, age, color, national origin, sexual orientation, gender identity, marital status, disability status, religion, protected military or veteran status, medical condition, or any other characteristic or status protected by applicable law. At ZoomInfo, we also consider qualified candidates with criminal histories, consistent with legal requirements.