Unity’s Security team is looking for a Vendor Security analyst to work on supplier/ third-party risk assessments as part of the procurement process. This person will be a key member of the Security Program and will be working with the Legal and Procurement teams to facilitate the procurement process, while furthering Security initiatives within Unity’s Business Units.
What you’ll be doing
- Perform risk assessment on behalf of Unity on the products/ services being procured by Unity’s Business Units
- Review third party security attestation reports provided by vendors. Review architecture diagrams and/or data flow diagrams.
- Work closely with vendors and internal partners to develop action plans to meet or exceed agreed performance levels
- Advise procurement and legal teams on the identified risks and proposed mitigation measures.
- Maintain comprehensive documentation on the identified risks. Catalog approved vendors
What we’re looking for
- Verily good oral, written and presentation communication skills
- Background in computer science, Information systems, cyber security, software engineering or information technology.
- 2+ years experience with security risk assessment processes
- Knowledge of industry standard questionnaires and vendor management documents (eg. SOC 2, ISO, CSA etc.). Experience with reading / reviewing architecture diagrams and data flows and familiarity with international security and privacy standards and regulations
- Strong analytical and problem-solving skills. Attention to detail while balancing multiple initiatives at once
You might also have
- Procurement systems/processes/tools experience.
- Experienced in compliance projects, advisory/assurance and/or risk management projects.
- Experience working in security compliance role at a SaaS company
Life at Unity
Unity (NYSE: U) is the world’s leading platform for creating and operating real-time 3D (RT3D) content. Creators, ranging from game developers to artists, architects, automotive designers, filmmakers, and others, use Unity to make their imaginations come to life. Unity’s platform provides a comprehensive set of software solutions to create, run and monetize interactive, real-time 2D and 3D content for mobile phones, tablets, PCs, consoles, and augmented and virtual reality devices.
The company’s 1,800+ person research and development team keeps Unity at the forefront of development by working alongside partners to ensure optimized support for the latest releases and platforms. Apps developed by Unity creators were downloaded more than five billion times per month in 2020. For more information, please visit www.unity.com.
Unity is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. Therefore, we provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, or any other protected status in accordance with applicable law. If there are preparations or accommodations we can make to help ensure you have a comfortable and positive interview experience, please let us know.
Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. Unity does not accept unsolicited headhunter and agency resumes. Unity will not pay fees to any third-party agency or company that does not have a signed agreement with Unity.
Share the Vendor Risk Security Analyst position on WeChat