Security Assurance Engineer to support client-facing security initiatives and third-party risk management. This role sits at the intersection of technical security and risk, with a strong emphasis on vendor assessments, security questionnaires, and translating complex controls into clear business communication.
The position reports into senior security leadership and offers the opportunity to contribute across cloud security, identity, and operational security while helping shape long-term security posture improvements.
What You’ll Tackle
- Lead third-party and vendor risk assessments including questionnaires and control validation
- Respond to client-facing due diligence and security inquiries
- Review SOC reports, penetration tests, and security documentation
- Identify risks, document findings, and recommend remediation strategies
- Support vendor onboarding and lifecycle security processes
- Partner with engineering and operations to evaluate security controls
- Contribute to cloud and identity security improvements
- Assist with incident response and security investigations
What You Bring
- Experience with third-party risk management and vendor security reviews
- Strong background in cloud and identity security (Azure, identity platforms)
- Familiarity with Conditional Access, access governance, and endpoint security
- Ability to translate technical concepts into clear business language
- Experience with security frameworks (SOC 2, ISO, NIST)
- Strong written and verbal communication skills
- Ability to analyze technical configurations and assess risk
Nice to Have
- Exposure to penetration testing or red team exercises
- Security certifications (CISSP, CCSP, or similar)
- Experience with cloud security posture management
- Familiarity with digital risk or brand protection tools
