0
applicants
Security Analyst
at Burgeon IT Services in United States Of America
Position Type: Contract
Location: Seattle, WA (Onsite)
Cybersecurity GRC Security Analyst Risk and Issue Management
Who we are
We are a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai, and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.
About this team
The Cybersecurity team enables us to conduct its global operations in a secure manner and to safeguard the trusted information of its guests and users. This is accomplished by understanding business risk as manifested through security and compliance risk, and through fostering a high degree of employee awareness of all security and compliance topics. To further enhance our team, we are looking for an experienced specialist to serve as Security Analyst Risk and Issue Management. This role will work collaboratively with cross-functional teams within Cybersecurity and across Technology to identify, analyze, document, and drive clear risk remediation activities to reduce systemic security risks. The ideal candidate will bring a blend of technical security and risk management expertise, along with strategic thinking to drive measurable improvements in our security posture.
A day in the life:
As the Security Analyst Risk and Issue Management for us, you will define, facilitate, coordinate, and track remediation action plans for security risks and issues. The effectiveness of this role will be measured through verified closure of open risks and issues, and demonstrated reduction in the organizations security risk posture. Core responsibilities of this role are as follows:
Lead and participate in targeted risk reduction initiatives across business units and technology domains
Analyze complex systems, architectures, and processes to identify security vulnerabilities and systemic risks
Collaborate with cross-functional teams to design and implement risk mitigation strategies
Conduct root cause analysis of recurring security issues and propose remediation plans for sustainable solutions
Support the development and refinement of GRC metrics and dashboards to track risk reduction progress
Serve as a liaison between Cybersecurity and technology teams to ensure appropriate prioritization and alignment on risk remediation tasks
Contribute to incident response post mortem activities to identify residual risk and develop risk mitigation strategies. This includes supporting root cause analysis (RCA) discussions to understand and document underlying issues, facilitating effective issue remediation.
Remain current with emerging threats, vulnerabilities, and regulatory requirements
Be an ambassador for the governance, risk and compliance security practice throughout the organization
Qualifications:
5+ years experience in a cybersecurity function, preferably in a GRC, security engineering, or security risk management role
Bachelors degree with focus on information technology, cybersecurity or technology audit preferred
Experience with cybersecurity risk and compliance frameworks and practices (e.g. NIST-CSF, NIST-AI RMF, COBIT, ISO27001, Data Privacy regulations and frameworks)
Proven track record in identifying and reducing systemic security risks in complex environments
Experience working in or with security tiger teams, red/blue/purple teams, or similar high-impact security functions
Strong understanding of enterprise IT systems and networks, cloud platforms, and security architectures
Understanding of emerging AI/LLM technologies and related security risks
Experience and passion for technical security risk identification and mitigation
Ability to interact effectively with technical security stakeholders as well as non-technical business stakeholders to communicate and inform concepts pertaining to security risk
Familiarity with ServiceNow GRC/IRM systems preferred
Must have excellent analytical, communication, and project management skills
Must be detail oriented and a self-starter
Must be comfortable in a role that is dynamic and evolving
Professional certification such as CISA, CISSP, CRISC, Security+, CDPSE is a plus
Must haves:
Acknowledges the presence of choice in every moment and takes personal responsibility for their life.
Possesses an entrepreneurial spirit and continuously innovates to achieve great results.
Communicates with honesty and kindness and creates the space for others to do the same.
Leads with courage, knowing the possibility of greatness is bigger than the fear of failure.
Fosters connection by putting people first and building trusting relationships.
Integrates fun and joy as a way of being and working, aka doesnt take themselves too seriously.
Actively removes barriers to equity so that everyone feels a sense of belonging.
Reference : Security Analyst jobs
Reference : Security Analyst jobs
Recent jobs at Burgeon IT Services
QA Data Engineer at Burgeon IT Services in United States Of America
15-11-2025
IT-Sr Capability Analyst(SQL,Data,Jira) - Remote at Burgeon IT Services in United States Of America
15-11-2025
Field Operations Tester, Onboard Systems at Burgeon IT Services in United States Of America
15-11-2025
Technical Specialist (Expert) Data Engineer at Burgeon IT Services in United States Of America
15-11-2025
Published at 15-11-2025
Viewed: 12 times
Viewed: 12 times