← Back to jobs
Harborglobal
Harborglobal

IT Security Analyst

operationsfull-timeManila, Manila, Philippines; Moncton, New Brunswick, Canada; Philippines - Remote; Remote, Canada
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
general
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

Key Responsibilities

Vulnerability Management (Qualys-Focused)

  • Administer and operate Qualys for continuous vulnerability scanning across infrastructure, endpoints, and cloud environments
  • Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with infrastructure and engineering teams
  • Track remediation progress and produce reporting dashboards and metrics for leadership
  • Continuously improve vulnerability management processes, including SLAs, exception handling, and risk acceptance workflows

Third-Party Risk Management (TPRM)

  • Support and manage the third-party risk lifecycle, including vendor onboarding, assessments, and periodic reviews
  • Evaluate vendor security posture using standardized frameworks (e.g., SIG, CAIQ, or equivalent)
  • Maintain vendor risk inventory and ensure alignment with internal security policies

Client Security Questionnaires & Assurance

  • Own and respond to client security questionnaires, RFPs, and due diligence requests
  • Collaborate with internal stakeholders to ensure accurate, consistent, and timely responses
  • Maintain a centralized knowledge base of standard responses to improve efficiency and consistency
  • Support audits and client security reviews as needed

Security Posture & Governance

  • Review, update, and maintain security policies, standards, and procedures
  • Identify gaps in current security controls and recommend improvements aligned with industry frameworks (e.g., SOC2, ISO 27001)
  • Partner with IT and engineering teams to enhance overall security posture and maturity
  • Stay current on emerging threats, vulnerabilities, and best practices

Incident Support & General Security Operations

  • Assist in the investigation and response to security incidents and vulnerabilities
  • Support internal security initiatives, including awareness, compliance, and risk reduction efforts
  • Contribute to continuous improvement of security tooling and processes

Required Qualifications

  • 4+ years of experience in information security, cybersecurity, or a related field
  • Hands-on experience with vulnerability management tools (preferably Qualys)
  • Experience responding to client security questionnaires or audit requests
  • Foundational understanding of network security concepts (firewalls, SIEM, IDS/IPS, endpoint protection)
  • Familiarity with risk management principles, including third-party/vendor risk
  • Familiarity with M365 Security Tools, Exchange Online Protection, Purview, a plus.

Preferred Qualifications

  • Experience with TPRM programs or vendor risk platforms
  • Knowledge of security frameworks (ISO 27001, SOC 2)
  • Experience with remediation tracking and security metrics/reporting
  • Familiarity with penetration testing concepts and vulnerability exploitation techniques
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
IT Security Analyst at Harborglobal — Remote