Description:
The Cybersecurity Administrator serves as the primary deputy to the Cybersecurity Governance Manager, providing essential operational support across the organization's security governance and compliance activities. This is an excellent entry-level opportunity for a motivated individual looking to build a broad foundation in enterprise information security, compliance, and risk management.
The successful candidate will assist in executing and coordinating day-to-day security program activities, with direct ownership of key workstreams including vendor risk management, audit coordination, security questionnaire responses, and vulnerability tracking.
The Impact You Will Have in This Role:
This role offers broad exposure across the full spectrum of enterprise information security operations. You will work directly with the Cybersecurity Governance Manager and gain hands-on experience in:
- Enterprise security governance.
- Global compliance frameworks (SOC 2, TISAX, ISO 27001).
- Risk management methodology and practical application.
- Cross-functional stakeholder collaboration across Engineering, Legal, Finance, and Operations.
- Audit management and external auditor relations.
- Career development toward roles such as Security Analyst, GRC Analyst, or Security Compliance and Risk Manager.
What You’ll Be Doing In This Role
- Manage inbound security questionnaires/RFIs and coordinate inputs across IT, Legal, Engineering, and other stakeholders.
- Maintain and continuously improve a centralized library of standardized, policy-aligned security responses.
- Track questionnaire/RFI status, deadlines, and follow-ups to ensure accurate, on-time delivery.
- Support the end-to-end third-party vendor risk lifecycle, including onboarding, periodic reviews, and offboarding.
- Conduct vendor security risk assessments using established frameworks and questionnaires (e.g., SIG, CAIQ, custom templates).
- Maintain the vendor risk register, including risk ratings, evidence requests, remediation actions, and review schedules; escalate high-risk findings.
- Coordinate audit readiness activities (e.g., SOC 2 Type II, TISAX, internal audits), including continuous evidence collection and audit calendars.
- Serve as a point of contact during audit fieldwork by scheduling walkthroughs, gathering artifacts, and tracking auditor requests.
- Track audit findings and management responses and follow remediation commitments through closure; help update control narratives, policies, and procedures.
- Monitor and track vulnerabilities (scans, penetration tests, threat intel), maintain the vulnerability register, drive follow-ups, and produce status reporting.
Qualifications Of This Role
- Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field — or equivalent practical experience.
- 1–2 years of experience in information security, IT compliance, risk management, or a related discipline.
- Familiarity with common compliance frameworks and standards such as SOC 2, ISO 27001, TISAX, NIST, or similar.
- Strong organizational skills with the ability to manage multiple workstreams, deadlines, and stakeholders simultaneously.
- Excellent written and verbal communication skills — able to translate technical concepts for non-technical audiences.
- Detail-oriented with a structured, process-driven approach to work.
- Proficiency in standard productivity tools (Microsoft 365, Google Workspace) and experience with spreadsheets and tracking tools.
- Entry-level security certification or active pursuit thereof: CompTIA Security+, CC (ISC²), or equivalent.
- Understanding of cloud security concepts (AWS, Azure, or GCP environments).
- Understanding of, or experience supporting, external audits or regulatory examinations.