opengreenhousembaexchange
Information Security Analyst, CX
NICE
LocationPhilippines - Manila
Last observed2026-06-13 05:25:49.734218
Job idmbaexchange-nice:greenhouse:4851654101
At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you. So, what’s the role all about? The Information Security Analyst sits at the intersection of security, sales, and technical account managers serving as a point of contact for customer and prospect security inquiries. You will own the response to security questionnaires, support contract reviews on security and privacy terms, and act as a trusted advisor to external customers on our security posture. This role is critical to accelerating deal cycles, building customer trust, and reinforcing our security program. Key Responsibilities Respond to customer and prospect security questionnaires (SIG, CAIQ, VSA, and custom formats), ensuring accurate, timely, and consistent answers. Maintain and continuously improve the security questionnaire knowledge base, response library, and trust portal content so that answers stay current and reusable. Serve as the front-line responder for inbound customer security inquiries via email and ticketing helping to translate technical controls into clear business language.. Ensure the public trust center is up to date with security whitepapers, and standard customer-facing security documentation. Document all customer security interactions in the CRM and ticketing systems in accordance with SLAs, and report on questionnaire volume, turnaround time, and deal impact. Read and interpret third-party audit reports (SOC 2 Type II, ISO 27001, penetration test report summaries) and represent findings to customers in questionnaires and security responses. Coordinate cross-functional input from other internal teams to validate questionnaire answers and resolve gaps between stated controls and operational reality. Required Qualifications 3+ years in a security, GRC, trust, or technical customer-facing role, with direct ownership of security questionnaires and customer inquiries. Hands-on experience responding to SIG, CAIQ, VSA, and bespoke enterprise security questionnaires. Working knowledge of SOC 2, ISO 27001, and at least one of HIPAA, PCI DSS, GDPR, or FedRAMP. Experience reviewing security and privacy provisions in commercial contracts (MSAs, DPAs, BAAs) and collaborating with Legal on redlines. Strong written and verbal communication — able to translate complex technical controls for non-technical audiences (procurement, legal, executives). Solid grounding in core security domains: access control, encryption, vulnerability management, incident response, network security, and secure SDLC. Familiarity with cloud infrastructure (AWS, Azure, or GCP) and SaaS security models. Demonstrated ability to manage a high-volume queue with competing deadlines while maintaining accuracy. Bachelor's degree in a relevant field, or equivalent practical experience. Excellent organizational and project management skills with ability to own a high-volume queue, set priorities, and drive multi-stakeholder responses to deadline. Fast learner with a demonstrated ability to self-educate on new technologies, products, and evolving security frameworks. Proven ability to work collaboratively across technical and business teams, and to handle confidential customer and company information with discretion. Nice to Have Security certifications such as CISSP, CISA, CISM, CCSK, or Security+. Experience with trust portal platforms (ServiceNow, Whistic, Vanta Trust, Drata Trust). Familiarity with AI/ML security and emerging frameworks (NIST AI RMF, ISO 42001). Verbal and written fluency in additional languages beyond English. Requisition ID: 10749 Reporting into: Manager, Information Security CX Role Type: Individual Contributor What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the be
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.