Information Security Risk Analyst
StackAdapt
StackAdapt is the leading technology company that empowers marketers to reach, engage, and convert audiences with precision. With 465 billion automated optimizations per second, the AI-powered StackAdapt Marketing Platform seamlessly connects brand and performance marketing to drive measurable results across the entire customer journey. The most forward-thinking marketers choose StackAdapt to orchestrate high-impact campaigns across programmatic advertising and marketing channels.
As an Information Security Risk Analyst, you will play a vital role in keeping StackAdapt’s systems and information secure by helping to identify, assess, and manage information security risks across StackAdapt. Working closely with the Senior Information Security Officer and key business stakeholders, you will help ensure that our security controls are appropriately designed, documented, and operating effectively in line with our risk appetite and regulatory obligations. This position offers exposure to a broad range of security domains, including security risk assessments, third-party risk management, policy development, audit support, and compliance monitoring. You’ll play an important part in embedding a strong security culture and helping the business make informed, risk-based decisions.
We’re looking for someone who is passionate about information security and eager to continuously develop within the role. This position is well-suited to an individual who is curious, proactive, and motivated to continuously learn in a rapidly evolving threat and regulatory landscape. You’ll thrive if you enjoy asking questions, challenging assumptions constructively, and developing your expertise through hands-on experience and collaboration with experienced security professionals. Strong communication skills, a growth mindset, and a commitment to professional development will be key to success in this role.
StackAdapt is a ‘Remote First’ company, therefore we are open to candidates located anywhere in North America for this position.
What you'll be doing:
- Supporting the identification, assessment, and management of information security risks, including maintaining risk registers, monitoring remediation actions and following up on agreed risk treatments
- Assisting with vendor security risk assessments during onboarding and ongoing reviews
- Contributing to customer security assurance activities, such as completing security questionnaires
- Helping to coordinate StackAdapt’s centralized IT General Controls framework designed to manage security, compliance, and governance for enterprise IT systems
- Participating in the governance of recurring user access reviews (UARs) and segregation of duties (SoD) assessments for enterprise applications
- Supporting the governance of role-based access controls (RBAC) for enterprise IT applications
- Assisting with compliance activities against security frameworks and standards (e.g. SOC 2, PCI, etc.)
- Working with internal teams to gather information and evidence for risk and compliance activities
- Learning about emerging security risks, regulatory requirements, and industry best practices
What we're looking for:
- Interest in information security governance, risk, and compliance (GRC)
- Understanding of information security and risk management concepts
- Awareness of security frameworks or standards (e.g., ISO 27001, NIST, SOC 2) and/or IT compliance frameworks (e.g., Sarbanes–Oxley (SOX))
- Strong attention to detail and ability to work with documentation and evidence
- Ability to work collaboratively with technical and non-technical stakeholders
- Willingness to learn and develop within an information security or GRC career path
We’ll be reaching out to applicants that have:
- 1 to 3 years of experience in a related field
- Bachelor’s degree (or higher) in cyber security, information technology, risk management, law, business, or a related discipline (or equivalent practical experience)
- Experience supporting risk assessments, audits, or control testing activities
- Ability to work cross-functionally with various teams such as Internal Audit, IT Operations, Engineering, Legal and Finance
- Experience in designing, implementing, and/or managing application user access reviews, segregation of duties reviews, and/or conducting security risk assessments
- Strong communication skills, both written and verbal
- Strong organisational and time management skills, as well as an ability to meet deadlines
#LI-LN1
The compensation range listed for this role reflects the expected base salary for candidates located in Ontario, Canada. It is informed by market data and the approved budget for this position. StackAdapt maintains different compensation ranges for roles across other countries and regions, and final offers will be aligned to the candidate’s current location.
This range represents base salary only. Depending on the role, candidates may also be eligible for additional compensation such as annual bonuses, commissions, equity awards, and a comprehensive benefits package.
Factors Influencing Final Compensation:
- The final compensation offer will be determined by a variety of factors, which may include, but are not limited to: the candidate's specific experience, technical skills, knowledge, abilities, and relevant education, licensure, and certifications.
- Other business factors, such as organizational needs and budget alignment, may also be considered in the final offer.
StackAdapter's Enjoy:
- Highly competitive salary
- Retirement/ 401K/ Pension Savings globally
- Competitive Paid time off packages including birthday's off!
- Access to a comprehensive mental health care program
- Health benefits from day one of employment
- Work from home reimbursements
- Optional global WeWork membership for those who want a change from their home office and hubs in London and Toronto
- Robust training and onboarding program
- Coverage and support of personal development initiatives (conferences, courses, books etc)
- Access to StackAdapt programmatic courses and certifications to support continuous learning
- An awesome parental leave program
- A friendly, welcoming, and supportive culture
- Our social and team events!