Sr. InfoSec Analyst
1 Federal St. Boston, MA
Position: Sr. InfoSec Analyst
Location: Boston, MA
Duration: Direct Hire
Must Haves: Bachelor’s Degree, 3-4 yrs experience. One of the following certs: CISSP, CISM, or CISA. Familiar with Information Security Compliance frameworks. Ability to travel. Ability to be on-site 5 days/wk.
Interview: Must be available to interview on-site
The Sr. Information Security Compliance Analyst will work to ensure the organization maintains its compliance with external customer and regulatory requirements to ensure the Confidentiality, Integrity and Availability of the organization's network, digital information, user accounts or other sensitive information. The Information Security Compliance Analyst will assist in the performance of Information Security Risk Assessments of business lines and operational regions.
- Participating in the evaluation of Information Security Policies, Standards, Procedures, and Guidelines for multiple platforms and diverse systems environments as they pertain to regulatory and customer compliance requirements.
- Performing risk assessments and simulating audit test plans to ensure compliance with Information Security Policies, Standards, Procedures, and Guidelines. When risks and threats are identified, communicating to relevant parties/departments for remediation plans and mitigating controls.
- Using relevant information and individual judgment to determine whether events or processes comply with laws, regulations, or standards.
- Conferring with business stakeholders to discuss issues pertaining to their compliance needs.
- Providing sufficient information and audit artifacts to external auditors/assessors to meet audit requirements.
- As an Information Security Compliance Analyst, you will work with the Customer Assurance team to handle external and internal customers' inquiries pertaining to the Information Security compliance program so that they feel confident that our environment is secured and confident in doing business with us.
- This is a global role, working across functional groups in Europe, Latin America, Asia Pacific and North America
- Good communication, written and verbal skills, as there will be frequent interactions with stakeholders and external auditors/customers
- Ability to manage demands of internal and external customers through phone, email and process requests
- Strong organizational skills to manage fast-paced and demanding requests in a defined service level
- Ability to team with other groups to influence the collection of information required to obtain compliance
- Familiarity with Information Security Compliance frameworks (such as ISO 27001/2, PCI, SOC 2/3, OSPAR, HIPAA)
- The job requires the ability to make judgments based on practice and past precedent.
- The job requires the ability to evaluate complex situations and novel situations using multiple sources of information.
- The job requires complex judgments, in depth analysis, interpretative thinking and the ability to independently develop innovative solutions.
- Bachelor’s Degree with a minimum of four (4) years of experience
- At least one of the following: CISSP – Certified Information Systems Security Professional, CISM – Certified Information Systems Security Manager or CISA – Certified Information Systems Security Auditor
- Ability to travel up to 10-25%
- A strong candidate will possess a background in Information Security and Technology; you’ll thrive in this role if you:
- Enjoy staying on top of the latest security practices
- Have a passion for protecting customer data from threats
- Feel excited about the potential of securing applications and information
- Work well with both technical and non-technical business partners