Security Analyst

$120,000 - $150,000

Full Time

  • Work from home
  • No Travel Required


Tags: Security, Security Analyst, ISO 27001, ISO 27000, NIST, GDPR, external auditors, Security Audit, GRC, HIPAA

Job Description

Please note I have direct access to the Hiring ISO on this position. Compensation: Base + Bonus

Position is remote

A successful, extremely profitable international company, the largest privately held medical software/hardware company in the world, is looking for a Security Analyst. The company is privately held, has been in business for 65+ years, has $1+ billion in revenue, has 5K+ employees, is extremely profitable and has never laid off an employee.

The Security Analyst will be responsible for:

  • Working in conjunction with a third-party consulting company to perform an overall assessment of the company’s security and IT infrastructure, in order to gather the information needed to create a road map to ISO 27001 certification
  • Sole Responsibilities:
    • Set the scope of ISMS
    • Conduct an inventory of information assets
    • Establish, document and execute a risk assessment and risk management framework
    • Create a Risk Treatment Plan
    • Complete ISO 27001 Statement of Applicability and Required Documents and Records List
    • Perform internal audit
  • Design, establish, implement and continually improve security policies, procedures, processes and best practices to obtain ISO 27001 certification and improve the ISMS
  • Utilize the GRC tool of choice to assist with implementation and compliance
  • Hire additional direct-report security analysts to assist in monitoring and improving compliance
  • Future responsibilities would include assisting with overall efforts to adopt and comply with the NIST security framework
  • Collaborate with internal and external auditors and draft responses to audit findings

The Security Analyst will report directly to the Information Security Officer.


  • Must have experience participating in and/or performing compliance work against the ISO 27001 framework and standards
  • Experience or familiarity with any of the following is a plus but NOT mandatory: greenfield ISO 27001, NIST CSF, CCPA, GDPR, HIPAA, HITRUST, GRC tools, third-party vendor assessments, security audits and/or security certifications. Again, NOT mandatory.


The company offers full benefits (PPO & HMO) including dental and vision, a matching 401(k), 3 weeks of vacation, 10 paid holidays, paid sick days, short- and long-term disability, life insurance, tuition reimbursement, casual dress and flexible work hours, all starting upon employment.