The Information Security Analyst will be part of the Information Security Governance, Risk, and Compliance Group. This position will work closely with the Director of Information Security and Assurance to provide timely and quality service to ensure compliance with the Firm’s information security policy and procedures. This position will be responsible for maintaining continuous monitoring of activities in support of the ISO 27002:2013 control environment while performing threat detection and remediation.
Minimum of 2 years’ experience in an information security professional role.
Knowledge of security issues, techniques, and implications across computing platforms.
Knowledge of ISO 27001:2013 control framework.
Experience with vulnerability scanning tools.
Knowledge of information security policy, standards, and industry best practices.
Strong written and verbal communication skills, professional attitude, and excellent references.
Bachelor’s degree in computer science, information systems, or related field preferred, not required.
Duties and Responsibilities:
Perform technology risk assessment activities such as account control audits for systems, applications, infrastructure, and operational processes.
Perform information security training, awareness, and outreach activities.
Perform technology platform vulnerability scanning activities.
Prepare assessment report results reflecting vulnerability, compliance, and data risks identified.
Track resolution of identified information security issues.
Analyze audit logs for exceptions to policy.
Maintain inventory of exceptions to Information Security policy, standard, control, and configuration requirements for reporting to clients.
Assist with information security incident response activities.
Successfully set priorities, perform tasks in an orderly fashion, and meet time deadlines.
Demonstrate agility and is flexible with changing priorities.
Maintain departmental records in accordance with policies and procedures.
Submit all required paperwork and reports accurately and on time.