CrawlJobs Logo
Shopify Logo Shopify · IT - Administration

Technical Security Analyst

· Job Posted March 01, 2026
Apply Position
Job Link Share

Job Description

We’re looking for a curious and detail-oriented individual to join Shopify’s Third Party Security team as a Technical Security Analyst. As a Technical Security Analyst, you’ll leverage your technical skills and security fundamentals—along with your growing knowledge of Shopify’s products, applications, and infrastructure—to help understand, assess, and manage third-party vendor risk. You’ll support and operate technical controls, follow and improve team playbooks, and work cross-functionally to help Shopifolk get shit done while keeping security top of mind.

Job Responsibility

  • Support third-party/vendor security reviews by collecting evidence, validating responses, and recording outcomes
  • Use established frameworks and playbooks to identify control gaps and flag risks for review/escalation
  • Support implementation and day-to-day operation of technical controls that reduce third-party security risk
  • Use automation and available tools to reduce toil and improve consistency in repeatable workflows
  • Partner with internal teams to understand intended vendor/tool usage and gather required security context
  • Maintain clear systems-of-record documentation (artifacts, notes, decisions, and rationale) with strong attention to detail
  • Track recurring risk themes and basic metrics (cycle time, common findings, exceptions) to help improve how the team works
  • Contribute to team knowledge by updating playbooks/runbooks and sharing learnings from completed reviews

Requirements

  • Clear, friendly written communication skills and comfort explaining technical details to non-technical partners
  • Working knowledge of security fundamentals (risk concepts, controls, privacy/compliance basics)
  • Strong attention to detail and proven ability to produce accurate, audit-friendly documentation
  • Ability to solve problems quickly, follow through, and escalate appropriately when something is unclear or high risk
  • Experience following structured processes/playbooks and suggesting improvements when friction or gaps are found
  • Comfort working across multiple tools/systems (tickets, docs, spreadsheets) to manage work end-to-end
  • Familiarity with automation or scripting/workflow tools (or strong interest in learning and applying them)
Shopify - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Technical Security Analyst

8 matching positions

Technical Security Analyst

Location
Location
Romania , Cluj
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 years of experience in the information security field and the responsibilities described above, especially related to vulnerability management and SecOps teams
  • Experience in end-to-end vulnerability lifecycle management (discovery, classification, remediation, validation, and closure)
  • Awareness of compensating controls and risk mitigation strategies
  • Cross-functional collaboration with BISOs, asset owners, IT operations, and security teams experience
  • Ability to provide expert security guidance to technical teams
  • Continuous security improvement mindset
  • Strong written and verbal communication skills for both technical and non-technical audiences
  • Awareness of corporate security controls, policies, and standards
  • Analytical and problem-solving skills
  • Attention to detail and strong organizational skills
Job Responsibility
Job Responsibility
  • Monitor, analyze, and prioritize vulnerabilities identified across corporate infrastructure, applications, and cloud environments, ensuring alignment with internal severity models and remediation SLAs
  • Validate vulnerability alerts, assess business impact, and coordinate triage activities with asset owners, BISOs, IT operations, and security teams to drive timely remediation
  • Oversee the end-to-end vulnerability lifecycle, from discovery and classification to remediation tracking, closure verification, and compliance reporting
  • Support security posture improvement initiatives by analyzing recurring weaknesses, identifying systemic gaps, and recommending corrective or preventive measures
  • Produce clear dashboards, reports, and metrics to communicate risk exposure, remediation progress, SLA adherence, and posture improvement trends to leadership
  • Collaborate with penetration testing, configuration, and threat intelligence functions to contextualize vulnerabilities and strengthen operational resilience
  • Ensure alignment with corporate vulnerability management standards, policies, and security controls, supporting audits and regulatory requirements
  • Provide expert guidance to technical teams on remediation strategies, compensating controls, and secure configuration improvements
  • Contribute to continuous improvement initiatives, unified workflows, and automation efforts that enhance the organization's overall security posture
  • Undertake additional duties as needed
What we offer
What we offer
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance custom-made for you
  • Individual coaching sessions and accredited Coaching School
  • Epic parties or themed events for our people and their families
  • Fulltime
Read More
Arrow Right

Technical Support Analyst III (EHR Security Analyst)

Location
Location
United States , Richmond
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of IT experience (5+ years preferred in relevant areas)
  • Strong understanding of EHR systems and security frameworks
  • Experience with: Active Directory (AD)
  • Single Sign-On (SSO)
  • Multi-Factor Authentication (MFA)
  • Identity and access management solutions
  • Knowledge of HIPAA, HITECH, and healthcare security regulations
  • Strong troubleshooting skills related to EHR security and access issues
  • Experience supporting applications in a fast-paced environment
  • Excellent communication and collaboration skills
Job Responsibility
Job Responsibility
  • Define, manage, and maintain EHR security roles, access controls, and user permissions
  • Map and maintain position definitions, including Millennium Position Preferences and OHPAC security groups
  • Provide Tier 1 support to EHR end users for access and security-related issues
  • Collaborate with IT, Security Officers, and compliance teams to develop and enforce security policies
  • Monitor user access and activity to ensure appropriate system usage
  • Conduct internal audits and identify potential risks or vulnerabilities
  • Assist in user provisioning and deprovisioning processes
  • Investigate and respond to security incidents, ensuring proper documentation and resolution
  • Support system upgrades, patches, and maintenance activities (Cerner/OHPAC)
  • Participate in audits (internal and external) and ensure compliance readiness
Read More
Arrow Right

Senior Technical Security Analyst

As a Technical Security Analyst on the Trust team, you'll be a part of a highly ...
Location
Location
Salary
Salary:
Not provided
shopify.com Logo
Shopify
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • an understanding of information security fundamentals, privacy and compliance standards
  • an understanding of cloud technologies, containerized environments and infrastructure as code
  • experience working with compliance teams or auditors and familiarity with compliance programs such as SOC, PCI, or SOX
  • experience building or maintaining controls and security safeguards for frameworks
  • experience using automation to simplify security and IT practices
  • familiarity with AI tooling, and how to integrate it to accelerate your workflows and augment your skills
  • ability to create and maintain trusted relationships
  • excellent communication skills, including technical breakdowns
  • passion for documenting strategy and approach
  • demonstrated impact in performing assessments
Job Responsibility
Job Responsibility
  • provide operational security guidance to ensure programs are running effectively, efficiently and without gaps
  • collaborate with cross functional teams and gather evidence for assessments, implementations, and use of new tools and workflows
  • automate and improve security workflows and tasks across the scope of our security programs
  • evaluate and instantiate the third parties, and build controls that balance security with speed
  • monitor Shopify’s current control stack and make recommendations to reduce security risk
  • lead and contribute to projects that build out and harden security at Shopify
  • contribute to the management and execution of cyclical controls within operational frameworks
  • collect evidence and samples to support audit activities and ensure compliance with relevant standards
  • supporting the development and implementation of new projects and initiatives, ensuring alignment with strategic goals
  • increase automation and reducing toil in existing controls, and finding new ways to protect Shopify against emerging risks
Read More
Arrow Right

Security Technical Business Analyst

Location
Location
United States , New York
Salary
Salary:
35.00 USD / Hour
aus.com Logo
Allied Universal®
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in business analysis, technical business analysis, or product ownership, preferably in physical security or related domains
  • Strong analytical skills with the ability to translate business needs into technical requirements and user stories
  • Experience evaluating and onboarding security technologies such as access control, VMS, PSIM, or emergency security systems
  • Familiarity with Agile methodologies and tools (e.g., Jira, Confluence)
  • Excellent stakeholder management and communication skills, with experience coordinating across business and technical teams
  • Knowledge of compliance and security standards relevant to physical security operations
Job Responsibility
Job Responsibility
  • Assist the business owner with physical security technology, ensuring they meet operational needs and align with long-term strategy
  • Translate business requirements into detailed functional and non-functional specifications, user stories, and acceptance criteria
  • Support activity planning, backlog refinement, and release activities to keep projects on track and ensure a seamless transition to operations
  • Collaborate with cross-functional teams including Physical Security Operations, IT, Procurement and other teams to ensure alignment and smooth delivery
  • Track project progress, manage risks and dependencies, and provide visibility through dashboards and reports
  • Support evaluation and onboarding of new physical security technologies, assessing business value, integration feasibility, and operational impact
  • Assist in testing and validation of delivered features to ensure they meet business requirements
  • Fulltime
Read More
Arrow Right

Security Technical Business Analyst

The Technical Business Analyst serves as the business owner for physical securit...
Location
Location
United States , New York
Salary
Salary:
35.00 USD / Hour
aus.com Logo
Allied Universal®
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in business analysis, technical business analysis, or product ownership, preferably in physical security or related domains
  • Strong analytical skills with the ability to translate business needs into technical requirements and user stories
  • Experience evaluating and onboarding security technologies such as access control, VMS, PSIM, or emergency security systems
  • Familiarity with Agile methodologies and tools (e.g., Jira, Confluence)
  • Excellent stakeholder management and communication skills, with experience coordinating across business and technical teams
  • Knowledge of compliance and security standards relevant to physical security operations
Job Responsibility
Job Responsibility
  • Assist the business owner with physical security technology, ensuring they meet operational needs and align with long-term strategy
  • Translate business requirements into detailed functional and non-functional specifications, user stories, and acceptance criteria
  • Support activity planning, backlog refinement, and release activities to keep projects on track and ensure a seamless transition to operations
  • Collaborate with cross-functional teams including Physical Security Operations, IT, Procurement and other teams to ensure alignment and smooth delivery
  • Track project progress, manage risks and dependencies, and provide visibility through dashboards and reports
  • Support evaluation and onboarding of new physical security technologies, assessing business value, integration feasibility, and operational impact
  • Assist in testing and validation of delivered features to ensure they meet business requirements
  • Fulltime
Read More
Arrow Right

Partner Security And Enablement (PSE) Technical Analyst

As Partner Security and Enablement (PSE) Technical Analyst, you play a vital par...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum five years’ experience in IT security or managed file transfer administration
  • Extensive knowledge of secure protocols, networking, storage, and cloud/application architecture
  • Proven expertise in identity management, regulatory standards, and SOPs
  • Excellent communication, writing, problem-solving, and customer service skills
  • Ability to adapt and thrive in a fast-paced, international setting
  • Familiarity with life science/biotech industries, regulated environments and compliance frameworks
  • Good understanding of AI concepts, tools and automation
  • Strong grasp of network/cloud infrastructure and identity/access management
  • Good all-round skills in virtual solutions (Cloud PC, AWS Workspaces, Citrix) and isolation browsers (Island)
  • Expert knowledge of SFTP/HTTPS/AS2/etc. protocols, Cloud Storage, Microsoft 365, Active Directory, LDAP, Okta, Entra, Azure, Google Cloud, AWS, etc.
Job Responsibility
Job Responsibility
  • Maintain progress on assigned consultations, key initiatives and drive project milestones to completion
  • Act as a liaison between cross-functional business and DTI departments
  • Independently identify, document and escalate complex, break-fix issues and track to resolution
  • Develop and maintain detailed documentation for Functional Digital Profiles and solutions
  • Continuously enhance solutions security and conduct preparedness workshops
  • Log tickets for required changes and track progress through ServiceNow as also DevOPs and System Development Lifecycle processes
  • Provide clear documentation for delivered solutions and processes, integrating documentation with the appropriate repositories and informing corporate stakeholders
  • Implement solutions for external clients based on functional specification and capabilities
  • Identify and report tech security gaps in solutions, applications, tools, etc.
  • Interact with CDT departments, applicable other DTI/AI, Privacy and Legal teams to ensure solutions are scalable, secure, and optimised to protect client information down to regional/country level
What we offer
What we offer
  • Vast opportunities to learn, develop, and move up and across our global organization
  • Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act
  • Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth, and career benefits
  • Flexible work arrangements
  • Fulltime
Read More
Arrow Right

Security Analyst - SDR Security Operations

Meta is seeking a Security Analyst to join the Global Security Operations team. ...
Location
Location
United States , Menlo Park
Salary
Salary:
137000.00 - 196000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master's degree in Computer Science or related technical field, or equivalent experience in cyber security
  • 5+ years of professional experience in a Security Operations Center, Incident Response, or relevant investigative role
  • 5+ years of experience navigating and understanding Windows, macOS, and Linux operating systems
  • Knowledge of networking technologies, specifically TCP/IP and related protocols
  • Experience analyzing network and host-based security events
  • Professional experience using a wide range of investigative tools including EDR, SIEM/SOAR, UBA
  • Professional experience with database query languages (e.g., SQL)
  • Professional experience handling digital forensic evidence and developing reports to support internal investigations
  • Experience with attacker tactics, techniques, and procedures
  • Experience making important decisions independently and multi-tasking under pressure
Job Responsibility
Job Responsibility
  • Investigate and respond to external and internal cybersecurity threats in a timely manner while communicating clearly and proactively until remediation
  • Drive changes to processes that scale across teams and regions and affect organizations outside Security
  • Act as an escalation point for Tier1 investigations, contribute to the development of the Tier1 capability and related service level objectives
  • Document security investigations and produce high quality and accurate reports for a wide range of stakeholders
  • Collaborate with Security Engineers and cross-functional teams to investigate and remediate large scale security incidents
  • Support security incidents root cause analysis, identify control gaps and recommend mitigation strategies
  • Collaborate with cross-functional teams to drive improvements to security policies, processes and tools
  • Improve the effectiveness and efficiency of the Security Operations and Incident Response team including development and refinement of processes and technical capabilities
  • Understand and support requirements of internal and external stakeholders, regulators, and auditors
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Cloud Security Senior Cyber Security Analyst

For this activity, we are looking for a Senior Cloud & On-Premises Infrastructur...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience designing and delivering complex cloud and on-premises infrastructures
  • Strong knowledge of security tools such as SSPM, DSPM, or CNAPP
  • Ability to write clear and structured technical documentation
  • Strong knowledge of SaaS environments (Google Workspace, ServiceNow, Workday, Salesforce)
  • Proven experience onboarding solutions in hybrid environments (cloud and on-premises)
  • Knowledge of security frameworks such as NIST, CIS, MITRE ATT&CK, and MITRE D3FEND
  • Knowledge of the CrowdStrike Falcon® Shield solution (formerly Adaptive Shield)
  • Strong expertise in cloud architecture (networking, compute, identity, storage, governance)
  • Cloud Certifications - Google, AWS / Azure
  • Engineering Graduate - preferably B.E. /B.Tech in IT or Computer Engineering
Job Responsibility
Job Responsibility
  • Configure the SSPM solution (SaaS)
  • Create a simple SSPM training material
  • Onboarding 4 SaaS applications = Google Workspace, ServiceNow, Workday, Salesforce on the SSPM
  • Define the SaaS hardening baseline
  • Configure the SSPM alerts
  • Produce a detailed SSPM training manual aligned with the customer environment
  • Collaborate with the customer SaaS team to integrate SaaS applications into the SSPM tool, ensuring security rules are correctly implemented
  • Collaborate with the customer SaaS team to configure alerts within the SSPM solution
  • Fulltime
Read More
Arrow Right