We have an opening for a Cyber Security Analyst.
This position may sit in any of our U.S. offices.
The Cyber Security Analyst will support the completion of compliance-related data requests to assess security policies and procedures. The analyst will respond to inquiries on the security controls policy, processes, and procedures implemented for systems and applications. This position requires strong communication skills, initiative, attention to detail and the ability to learn quickly.
In this capacity, the Cyber Security Analyst will:
- Review and understand the Firm’s current cybersecurity program framework and relevant policies;
- Complete external information security assessments and support status tracking of assessments;
- Prepare and respond to related compliance requests including referencing evidentiary artifacts or other documentation;
- Coordinate with external assessors and internal subject matter experts to address compliance inquiries;
- Assist in further defining the process for completing information security control assessments;
- Support metrics and reporting of the Information Security Program through the collection and analysis of effectiveness security control measures;
- Develop and maintain the status tracking related to findings from information security assessments;
- Contribute to the creation of security related processes and procedures and relevant documents;
- Work with the CISO and senior managers to report existing information security program and ongoing security projects that address information security risks and compliance requirements; and
- Manage competing deadlines and multiple external inquires using effective organizational skills and attention to detail as demonstrated by prior work experience.
- A minimum of 5+ years professional work experience;
- Bachelor’s degree required;
- At least five years of combined information technology and information security experience;
- Strong understanding of multiple risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT);
- Demonstrated experience with the NIST Cybersecurity Framework and auditing security controls identified in NIST SP800-171 and NIST SP800-53A;
- Experience working with internal and external auditing firms;
- Strong understanding of information security concepts and technologies; and
- Fundamental knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint.