Cyber Security Analyst - GRC and IT Auditor in MA

Amtex Systems Inc is an information technology and talent solutions company offering talent and BI consulting to the companies in US for over 25 years.

Our solutions are designed to fill resource gaps, by providing the right candidates who deliver value to the organization. Our propensity to nurture and build strong relationships with our clients helps us better understand their business demands and gives us the ability to provide services that are on time and rise above the rest.

Title: Cyber Security Analyst - GRC and Audit

Boston, MA

ESSENTIAL FUNCTIONS

• Perform user access rights reviews for critical systems periodically.
• Design and revise programs, procedures, and governing documentation for the Information security.
• Review system logs regarding the Bank's infrastructure to identify trends, investigate abnormalities, and report exceptions to the Bank's Information Security Program.
• Work closely with the IT Department and develop strong working relationships to ensure that various safeguards are working effectively.
• Assist business lines in performing risk assessments of the Bank's information assets and systems.
• Work with the Head of Information Security to enhance Bank-wide data leakage programs to protect customer and Bank confidential information.
• Assists the Head of Information Security in employee awareness campaigns.
• Facilitates and tracks the Bank's annual user access rights reviews performed by department managers for their respective areas.
• Document and track Information Security incidents.
• Participate in planning for internal and external audits as required.
• Maintain applicable modules in the Bank's enterprise risk management system.

JOB QUALIFICATIONS

• 3+ years of Information Security or IT Audit experience or recent Information Security or Computer Science college graduate.
• Bachelor's Degree in Information Security or Computer Science
• Working knowledge of security best practices for user access rights management.
• Experience with GRC (Governance Risk Compliance) tools
• Security certification such as Security+ or SSCP is preferred
• Working knowledge of security controls on server, workstation and web and cloud environments.
• Understanding of the role of information security within business.
• Ability to manage time and multi-task effectively across multiple projects
• Proficient with Microsoft Office; Word, Excel, and PowerPoint
• Excellent critical thinking and analytical skills
• Excellent written and oral communication skills
• Attention to detail
• Strong team player