Senior Information Security Analyst

Security, Analyst, IT, Supply Chain, Sales, Engineering, Computer, CISSP, ISO
Full Time
Travel not required

Job Description

Overview

The Senior Information Security Analyst will be a key member of the newly formed Information Security team. This individual will actively contribute to the development and implementation of an enterprise-wide information security and risk management program, and operate as an enabler to the business. S/he will provide high-quality information security governance, risk management, and compliance services.

Responsibilities
  • Engage the business units, such as IT, Finance, Legal, Supply Chain, Sales, and Engineering, to identify information security risks, develop action plans and lead the implementation of controls to reduce risks.
  • Develop organizational information security-oriented policies, processes, procedures, and standards in alignment with the selected information security management system.
  • Develop data protection strategies that include the discovery of key business data, classification criteria, data flow maps, and protective control requirements.
  • Perform gap analysis against security frameworks and security risk assessments on applications, technology projects, and third-party vendor software and solutions.
  • Provide input to the overall risk management strategy, both short and long term, based on the changing threat landscape and overall business objectives.
  • Develop and conduct security awareness training and related activities for the business.
  • Develop, collect, manage and present monthly information security (KRI/KPI) metrics.
  • Lead and foster the growth of the business security champion program.
  • Conduct basic security audits.

Qualifications
  • Minimum of 6-9 years experience in information security and risk management.
  • Bachelors or Masters degree in Computer Science preferably with a focus on Cybersecurity.
  • Professional information security certifications such as the CISSP, CISM, or CRISC.
  • Strong knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series.
  • Knowledge and understanding of regulatory requirements and data types including ePHI, GDPR, HIPPA, and PII.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to both technical and non-technical audiences.
  • Exhibit strong analytical skills the ability to manage multiple projects under strict timelines, as well as the ability to work in a demanding, dynamic environment to meet overall objectives.
  • Ability to led cross-functional, interdisciplinary teams to drive risk mitigations efforts.

#RecruitPS
Dice Id : 90764204
Position Id : 380
Originally Posted : 10 months ago
Have a Job? Post it

Similar Positions

Information Security Engineer
  • AMS Staffing Inc.
  • New York, NY
Information Security Analyst
  • Abacus Group
  • New York, NY
Cyber Security Engineer
  • Gotham Technology
  • New York, NY
Security Analyst
  • Confidential Company
  • Parsippany-troy Hills, NJ
Information Security Consultant
  • Kforce Technology Staffing
  • New York City, NY
Sr. Network Security Analyst, Information Technology Services
  • UJA-Federation of New York
  • New York, NY
NETWORK SECURITY ANALYST
  • Staffing Solutions USA
  • Clifton, NJ
Information Security Architect
  • Stratus Technology Services, LLC
  • New York, NY
Cyber Security Analyst
  • AllSTEM
  • Englewood Cliffs, NJ
Cyber Security and Information Risk Engineer
  • Aegistech Inc.
  • New York, NY
Security Engineer
  • Lenmar Consulting
  • Jersey City, NJ
Associate Director, IT Security
  • Wolters Kluwer
  • New York, NY