Talkdesk is currently seeking a Information Security Risk and Operations Analyst to join our Information Security team. The right candidate will be a key driver of information security strategy, prioritization efforts, and will help improve the Information Security Program at Talkdesk. The analyst will work to secure the environment using a defense in-depth approach while enabling Talkdesk to provide effective and secure services.

This individual will use a risk-based approach in evaluating the effectiveness of security capabilities against industry accepted standards and security frameworks. They are responsible for evaluating and enhancing the overall security posture and program at Talkdesk. The Analyst will work collaboratively with technology and application owners to drive adherence to secure and consistent management and configuration practices. They will also provide guidance and subject matter expertise to business and senior leadership stakeholders in maintaining a secure environment.

The Analyst will assist in reporting to senior management on the overall program health, key metrics, and milestones and liaising with other teams to ensure adherence to information security inquiries and requirements. They will lead third party risk management efforts to ensure that third parties meet our security requirements and drive the Talkdesk’s incident management program to ensure effective identification and remediation of incidents throughout the environment.

Who you're committed to being:

• Forward-thinking, phenomenal at multitasking and ready to handle the often unexpected demands facing a growing, global company
• Strong communicator who can get the point across quickly and optimally no matter the audience
• Open to being challenged and crafting solutions that drive business results while protecting the company
• Reliable, trusted partner and able to collaborate across teams and regions
• Self-starter who is not afraid to dive in and navigate thorny or novel problems

What you'll own:

• Perform third party security reviews as part of the risk management program and serve as a cyber risk subject matter expert for third parties
• Conduct periodic cyber security training to new staff as well and ensuring content stays relevant and up to date
• Assist in performing control testing on periodic basis and ensuring status of controls is maintained
• Research the latest risk trends in IT / Cybersecurity and recommend enhancements to the risk management program
• Assist in policy / standard training and awareness campaigns throughout the year. In addition, primarily responsible for providing input into key technology and security policies and standards

Experience you'll need:

• Bachelor’s Degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering, Business or related major or commensurate experience
• 3-5+ years of security risk management and controls experience
• Experience in testing the design and effectiveness of controls and providing recommendations to the business for remediation
• Working knowledge of security frameworks and regulations (e.g, NIST, PCI, SOC2, GLBA)
• Familiarity with cloud technology and vendor risk management platforms (e.g., Onetrust)
• Strong interpersonal and communication skills
• Problem solving skills and ability to work in a dynamic environment