Position : Information Security Analyst
Location : Remote with Once a week in Boston, MA
Contract
Summary of the Position
This posting is for an Information Security Analyst to assist the Executive Office for Administration and Finance IT (A&F IT).
A&F IT is seeking a highly skilled and detail-oriented Information Security Analyst to join the Office of the Chief Information Security Office (CISO) team.
The ideal candidate will be responsible for coordinating internal and external audits, performing comprehensive risk assessments and developing robust security policies.
This role requires a deep understanding of security frameworks, regulatory requirements, and best practices to ensure the organization's information assets are protected against potential threats.
Key Responsibilities :
- Coordinate security audits between 3rd party auditors and IT teams Meet with auditors and confirm scope of engagements Gather and organize responses and evidence Consolidate materials and analyze content for completeness and accuracy Solicit and coordinate reviews with security team SME(s) Present information to auditors and other key stakeholders Document and track progress of Corrective Action Plans
- Policy and Procedure administration Manage catalog of Information Security Policies and Procedures Ensure annual reviews and updates are complete Work with the Department of Revenue’s (DOR’s) Risk Management team to identify business impact of policies
- Conduct Internal IT risk assessments Interview SMEs and document in-place controls against NIST800-53 Identify control deficiencies Drive remediation of deficiencies
- Facilitate Risk assessments of 3rd party vendors Maintain schedule of assessments Maintain 3rd party vendor questionnaires Coordinate assessments between vendor, business and Collect and consolidate responses Escalate 3rd party vendor control weaknesses to security team SME(s)
Qualifications :
- Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
- Minimum of 3-5 years of experience in information security, risk management, or a related field.
- Strong knowledge of security frameworks and standards (., NIST, ISO 27001, COBIT).
- Experience with risk assessment methodologies and tools.
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication skills, with the ability to convey complex information to a non-technical audience.
- Detail-oriented with strong organizational skills and the ability to manage multiple tasks simultaneously.
Key Competencies :
- Proactive approach to identifying and mitigating security risks.
- Ability to work independently and as part of a team.
- Strong interpersonal skills and the ability to work effectively with stakeholders at all levels of the organization.
- High level of integrity and ethical conduct.
- Commitment to continuous improvement and staying updated with the latest security trends and technologies.
Information Security Analyst
Key Responsibilities:Administers network security programs, including event detection and postmortem analysisAnalyzes network traffic logs and escalated work orders, recommending process improvementsAssists in developing companywide security training materials and ensures compliance with regulations...
Sr Information Security Analyst
This position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. Reporting to the Cybersecurity Manager, the Security Analyst will work c...
Senior Information Security Analyst
A company is looking for a Senior Information Security Analyst to protect customer and corporate data through cybersecurity and technical controls. ...
Information Security Operations Analyst
Additionally, the Information Security Operations Analyst assists in the response to business disruptions, security incidents and other control functions as necessary to satisfy the Information Security Team’s responsibilities. Familiar with basic information security concepts, including user accoun...
Information Security Analyst II
A company is looking for an Information Security Analyst II to monitor and respond to information security events within a large enterprise technology ecosystem. ...
Information Security Analyst
Responsibilities include: responding to suspicious cyber security activities, incidents, and tickets; analyzing information from a wide range of sources including logs and data from network devices, applications, and security tools, from other security and IT professionals, and from Internet sources...
Information Security Analyst III Vulnerability Remediation Program Lead
Information Security Analyst III Vulnerability Remediation Program Lead-(3290329). The Mass General Brigham (MGB) Information Security Analyst III Vulnerability Remediation Lead will be critical in developing and implementing vulnerability remediation procedures and prioritization to protect our hos...
Sr Information Security Analyst
This position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. Reporting to the Cybersecurity Manager, the Security Analyst will work c...
Information Security Analyst
The Information Security Analyst will work with the Director of Information Security and Risk Management on the continuous improvement and development of the firm’s cybersecurity, compliance, and governance programs. As the Information Security Analyst, you are the organizing force responsible for p...
Sr Information Security Analyst
This position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. Reporting to the Cybersecurity Manager, the Security Analyst will work c...