Senior Security Analyst | Mortenson jobs in United States
cer-icon
Apply on Employer Site
company-logo

Mortenson · 3 hours ago

Senior Security Analyst | Mortenson

positionMinnesota, United States
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$114K/yr - $171K/yr
date5+ years exp

Mortenson is currently seeking a Sr. Security Analyst that will be responsible for managing risks and ensuring compliance with security regulations. This role involves developing and enforcing security frameworks, conducting risk assessments, and creating cybersecurity policies while collaborating with stakeholders to align security practices with business objectives.

Commercial Real EstateConstructionReal Estate
check
Growth OpportunitiesbadNo H1Bnote

Responsibilities

Assess and manage contractual and regulatory obligations in accordance with company policies, industry standards, and regulatory requirements (e.g. SOC 2, ISO 27001, NIST CSF, NIST 800-171, CMMC, etc.)
Manage security standards, policies, and practices on an annual basis to make sure they meet company demands
Assist the Business in responding to inquiries from customers about Security controls and compliance
Look for improvement and offer insightful advice and value-added guidance on process and control enhancements
Conduct comprehensive risk assessments of third-party vendors, partners, and service providers to evaluate security posture, compliance status, and risk exposure
Collaborate with cross-functional teams, including Legal, IT, and Procurement, to establish risk management strategies for third-party relationships
Maintain processes for third-party security evaluations, onboarding, and ongoing risk monitoring
Manage the lifecycle of third-party risk management, from initial assessment to contract negotiations and continuous monitoring
Work with vendors and internal teams to ensure that appropriate remediation plans are put in place for identified risks
Prepare regular reports on third-party risk and compliance status for senior management and relevant stakeholders
Stay up-to-date with the latest trends and best practices in third-party risk management, cybersecurity, and regulatory compliance
Respond to information security incidents, perform root cause analysis, and lead incidents and problems to resolution
Work with other technical staff to execute information security initiatives and projects
Monitor information security systems for risk events and manage discovered vulnerabilities to acceptable remediations

Qualification

Third-party risk managementCybersecurity policiesRisk assessmentsCompliance regulationsSecurity frameworksSecurity assessmentsVendor managementAnalytical skillsCommunication skillsProblem-solving skillsInterpersonal skillsPresentation skillsNegotiation skills

Required

Bachelor's degree in Cybersecurity, Information Technology or equivalent subject area
5+ years of experience in information security, risk management, compliance, or related fields
Strong understanding of third-party risk management processes and frameworks
Familiarity with key security & privacy regulations, and risk management frameworks (e.g. CCPA, SOC 2, ISO 27001, NIST, CMMC)
Knowledge of compliance regulations and standards
Experience with conducting security assessments, audits, and risk evaluations
Knowledge of security controls, risk mitigation strategies, and vendor management best practices
Excellent communication and interpersonal skills with the ability to convey complex technical information to both technical and non-technical stakeholders. The candidate should be able to “sell” ideas and processes internally at all levels
Strong analytical & problem-solving skills and detail oriented attention to detail-to be able to analyze complex situations, identify root causes, and develop solutions
Ability to work independently, manage multiple projects, and meet deadlines in a fast-paced environment
Effective influencing and negotiation skills in complex environments where resources required for success may not be in direct control of this role
Demonstrated presentation skills and credibility to win support and align the organization

Benefits

Medical and prescription drug plans that includes no additional cost vision coverage
Dental plan
401k retirement plan with a generous Mortenson match
Paid time off, holidays, and other paid leaves
Employer paid Life, AD&D, and disability insurance
No-Cost mental health tool and concierge with extensive work-life resources
Tuition reimbursement
Adoption Assistance
Gym Membership Discount Program

Company

Mortenson

twittertwittertwitter
Glassdoor4.4
company-logo
Mortenson is a U.S.-based, top-25 builder, developer and provider of energy and engineering services committed to helping organizations move their strategies forward.
dateFounded in 1954
location
Minneapolis, Minnesota, USA
people-size5001-10000 employees
web-link
https://www.mortenson.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Will Adams
VR Developer
linkedin

Recent News

Government Technology US
Mesa Community College Invests in Data, Construction Programs
2025-10-25
Star Tribune
Northeastern Minnesota mystery project identified as data center
2025-09-25
Seattle TechFlash
Mortenson, Hyde acquire $57M industrial portfolio from United Properties in southeast metro
2025-08-07
Company data provided by crunchbase