CrawlJobs Logo

Technical Security Analyst

shopify.com Logo

Shopify

Location Icon

Location:

Category Icon

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided

Job Description:

We’re looking for a curious and detail-oriented individual to join Shopify’s Third Party Security team as a Technical Security Analyst. As a Technical Security Analyst, you’ll leverage your technical skills and security fundamentals—along with your growing knowledge of Shopify’s products, applications, and infrastructure—to help understand, assess, and manage third-party vendor risk. You’ll support and operate technical controls, follow and improve team playbooks, and work cross-functionally to help Shopifolk get shit done while keeping security top of mind.

Job Responsibility:

  • Support third-party/vendor security reviews by collecting evidence, validating responses, and recording outcomes
  • Use established frameworks and playbooks to identify control gaps and flag risks for review/escalation
  • Support implementation and day-to-day operation of technical controls that reduce third-party security risk
  • Use automation and available tools to reduce toil and improve consistency in repeatable workflows
  • Partner with internal teams to understand intended vendor/tool usage and gather required security context
  • Maintain clear systems-of-record documentation (artifacts, notes, decisions, and rationale) with strong attention to detail
  • Track recurring risk themes and basic metrics (cycle time, common findings, exceptions) to help improve how the team works
  • Contribute to team knowledge by updating playbooks/runbooks and sharing learnings from completed reviews

Requirements:

  • Clear, friendly written communication skills and comfort explaining technical details to non-technical partners
  • Working knowledge of security fundamentals (risk concepts, controls, privacy/compliance basics)
  • Strong attention to detail and proven ability to produce accurate, audit-friendly documentation
  • Ability to solve problems quickly, follow through, and escalate appropriately when something is unclear or high risk
  • Experience following structured processes/playbooks and suggesting improvements when friction or gaps are found
  • Comfort working across multiple tools/systems (tickets, docs, spreadsheets) to manage work end-to-end
  • Familiarity with automation or scripting/workflow tools (or strong interest in learning and applying them)

Additional Information:

Job Posted:
March 01, 2026

Work Type:
Remote work
Job Link Share:

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Technical Security Analyst

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or comparable field
  • Team player familiar with cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to target audience
  • Strong technical background in security and several years of professional experience in multiple fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • Ideally basic knowledge in operational management of CSIRT, CERT, or Product-CERT
  • Love challenges while defining and implementing processes in new, effective, and user-oriented manner
  • Very good English written and spoken
  • German would be an important asset
Job Responsibility
Job Responsibility
  • Investigate and assess vulnerabilities within operational environment
  • Provide basis for prioritizing vulnerability remediation follow-up
  • Work closely with development and operations teams in Poland and tracking teams in India
  • Support further development of Enterprise Security Advisory Services
  • Track risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support
  • Coordinate implementation of improvements with international teams
  • Actively work as team to network with external stakeholders
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Professional support and knowledge sharing
  • Ongoing development opportunities in multinational environment
  • Broad access to professional trainings including language courses, conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits including MultiSport, shopping vouchers, cinema tickets
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst

In the Bosch Cyber Security Organization, we coordinate the vulnerability manage...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Completed university degree (Master/Diploma/PhD) in Information Security, Computer Science, Software Development, Electrical Engineering, Mathematics, or a comparable field of study
  • Team player who is familiar with both cooperation and delegation
  • Versatile and communicative individual who enjoys preparing and sharing information tailored to the target audience
  • Strong technical background in security and several years of professional experience in multiple of the following fields: IT Security, Cloud Security, Embedded Security, Industrial Control Systems (ICS), Industrial IoT (IIoT), Consumer IoT, Software Security and Security Research, Vulnerability Management process design and execution
  • ideally basic knowledge in the operational management of a CSIRT, CERT, or Product-CERT
  • Love challenges, while defining and implementing processes in a new, effective, and user-oriented manner
  • Very good English, written and spoken
  • German would be an important asset
Job Responsibility
Job Responsibility
  • Investigate and assess vulnerabilities within their operational environment, providing the basis for prioritizing the follow-up of vulnerability remediation
  • Work closely with development and operations teams in Poland, as well as tracking teams in India, supporting the further development of our Enterprise Security Advisory Services and the tracking of risks through vulnerabilities
  • Continuously identify process improvements for enhanced tool support and coordinate their implementation with the respective international teams
  • Actively work as a team to network with external stakeholders
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Security Analyst

As a Security Analyst, you will be a key player in our IT security team, focusin...
Location
Location
United States , Tallahassee
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
Job Responsibility
Job Responsibility
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • Fulltime
Read More
Arrow Right

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location
Location
Israel , Ramat Gan
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Email Security Analyst

The Info Security Tech Sr Analyst is responsible for leading efforts to prevent,...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical and analytical expertise and experience (preferred 3+ years’ Information Technology/ Cybersecurity experience)
  • Understanding of and demonstrated experience with the tools and sources available to conduct email and threat analysis
  • Cross-functional understanding of email operations, security practices and the user experience
  • Ability to organize and appropriately prioritize multiple, ongoing tasks via efficient time management and forecasting
  • Project management skills a plus
  • Ability to work independently, as well as in team situations, to help internal and external customers achieve desired results
  • Strong written and verbal communication and presentation skills
Job Responsibility
Job Responsibility
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Analyze and provide oversight of analysis of email threats and controls
  • Develop and manage processes to track identified incidents to resolution
  • Develop metrics and reports as needed
  • Triage information received from vendors and process that information through previously defined internal workflows
  • Manage meetings with internal stakeholders to address open issues and identify process improvements
  • Actively engage in liaison activities with intelligence communities, industry associations, peer institutions, and information sharing communities
  • Apply developed communication and diplomacy skills to guide and influence decision makers
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing, and reporting control issues with transparency
  • Keep up to date with the ever-changing cyber security landscape to remain relevant and knowledgeable through internal and external certifications
  • Fulltime
Read More
Arrow Right

Security Analyst

The Security Analyst is responsible for assessing security events, findings, ins...
Location
Location
United States
Salary
Salary:
60000.00 USD / Year
digitalmediasolutions.com Logo
Digital Media Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 1-2 years of relevant security experience
  • Security+ certification or equivalent knowledge, skills, abilities (KSAs) is recommended
  • Fundamental knowledge and technical experience with AWS is required
  • Familiarity with Security Information and Event Management (SIEM) tools is a plus
  • Demonstrated critical thinking and problem-solving skills
  • Familiar with system troubleshooting practices and methodologies
  • Excellent written, verbal and interpersonal communication skills
  • Ability to work successfully with teams on multiple projects
  • Collaborative approach/attitude
Job Responsibility
Job Responsibility
  • Review, analyze and respond to security events and findings from system and application logging and security tools
  • Conduct initial response and first-level troubleshooting for malware and phishing incidents
  • Conduct basic security/vulnerability assessments to include scanning/auditing resources, analyzing results and creating tickets as needed for responsible teams
  • Assist technology leadership with security incident handling
  • Assist with Security Awareness training
  • Assist in Vendor Risk Assessments
What we offer
What we offer
  • Medical, dental, vision insurance
  • Wellness and mental health benefits
  • Tax-Advantaged health care accounts
  • Financial and income protection benefits (Life insurance, 401(k), short-term disability)
  • Paid time off (PTO), holidays and sick time off
  • Remote worker assistance for wellness and home office
  • Fulltime
Read More
Arrow Right