Description
TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance.
TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR.
Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So, if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody’s perfect – and we encourage you to apply. You may just be the right candidate for this or other roles.
A Brief Overview
This position researches and analyzes the organization's security threat information and plans security measures to protect critical information from counter-threats and possible attacks. Additionally, this role ensures robust governance, risk management, and compliance practices to maintain a strong security posture and meet TriNet security requirements.
What you will do
- Reviews logging events in the infrastructure to ensure security incidents are detected
- Researches and implements new methods to improve digital security and eliminate vulnerabilities
- Provides expert technical support with respect to security issues
- Initiates, facilitates, and promotes activities to create information security awareness throughout the organization
- Creates and maintains documentation for information security processes
- Develops project plans and confirms that all deadlines are met throughout the project lifecycle
- Performs other duties as assigned
- Complies with all policies and standards
- Conduct enterprise-wide risk assessments and maintain risk registers.
- Identify, analyze, and prioritize risks; recommend mitigation strategies.
- Facilitate risk treatment plans and monitor progress.
- Ensure compliance with relevant regulations (SOX, HIPAA, SOC 2 etc.).
- Prepare for and lead internal/external audits; manage evidence collection.
- Track compliance gaps and drive remediation efforts.
- Assess vendor security posture through questionnaires and audits.
- Maintain third-party risk management processes and documentation.
- Create dashboards and reports for leadership on risk posture, compliance status, and audit findings.
- Present findings and recommendations to senior management.
- Drive maturity assessments and develop a roadmap for continuous improvement of GRA capabilities.
- Work closely with IT, Legal, and Business units to align security objectives.
- Act as a subject matter expert and advisor to senior leadership on governance, risk, and compliance matters.
Education Qualifications
- Bachelor's Degree or equivalent experience preferred
Experience Qualifications
Skills and Abilities
- Knowledge of risk assessment methods and technologies
- Proficient in performing risk, business impact, control and vulnerability assessments
- Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
- Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
- Deep understanding of security governance frameworks (ISO 27001, NIST CSF).
- Proficiency in enterprise risk assessment methodologies, risk modeling, and quantitative analysis. Ability to develop and maintain risk registers and treatment plans.
- Skilled in vendor risk assessments, continuous monitoring, and contractual security requirements.
- Excellent stakeholder management, presentation and communication skills.
Licenses and Certifications
- CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, CompTIA Security+ preferred
Work Environment
- Work in a clean, pleasant, and comfortable office work setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions.
- This position is 100% in office.
Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity.
TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact recruiting@trinet.com to request such an accommodation.