Job Description
Job Title : Cyber Control Findings Analyst
Location : New York, NY
Duration : Long Term Contract
Job Summary :
The Cyber Control Findings Analyst is responsible for reviewing, monitoring, and resolving security findings within an organization.
Here are the typical duties and qualifications for this role :
Typical Duties and Responsibilities :
- Risk and Vulnerability Assessments : Conduct risk and vulnerability assessments, validation testing, compliance reviews, and audits following NIST standards.
- ISO 27001 and SOC 2 Audits : Manage and support SOC 2 and global ISO 27001 audits.
- Promoting ISO 27001 Standards : Encourage widespread implementation of ISO 27001 standards.
- Central Repository for Audit Evidence : Maintain and monitor a central repository for audit evidence.
- Stakeholder Communication : Inform relevant stakeholders about important concerns and hazards.
- Collaboration with Departments : Work with corporate IT, procurement, and privacy departments to align with GRC (Governance, Risk, and Compliance) objectives.
- Stay Updated : Keep up-to-date with industry procedures and methods.
Required Skills and Experience :
- Bachelor’s degree in information cybersecurity, risk management, governance, or a related field.
- 5+ years of direct experience in information security, with a focus on risk and compliance.
- Expertise in conducting ISO 27001 and SOC 2 audits and handling audit responses.
- Knowledge of relevant regulatory compliance requirements (ISO 27001, SOC 2, NIST, FedRAMP, CMMC, PCI, GDPR, etc.).
- Familiarity with identity management standards, cloud storage, and disaster recovery.
- Proficiency in GRC tools and best practices (e.g., ZenGRC, OneTrust, Archer).
- Strong attention to detail and effective communication skills.
Preferred Qualifications :
- ISO 27001 Lead Auditor, CISA, CISM, or CISSP certification