Information security analyst

  • Category
    IT
  • Location
    Boston, Massachusetts
  • Type
    Contract
100% remote role 

Information Security Engineer Description Temporary Employee / Contractor to assist Analysis and Engineering staff in their standard operating items.
The individual will be expected to work on tasks such as risk assessments, requirements and solution design, incident response, security awareness initiatives, documentation of processes and procedures, and other aspects of the Information Security Program.

The role requires working with technical and non-technical staff on corporate initiatives, including but not limited to the integration of two orgs
The Basics:

• Experience working with FDIC, SOX, SEC regulators, audits and examinations
• Working knowledge of application security frameworks, standards, and risk assessment methodologies
• General understanding of key security standards and regulations (ISO, FFIEC, Cyber framework, GLBA, SEC, SOX, etc.)
• General understanding of application security frameworks (NIST), standards, and risk assessment methodologies including cloud technologies
• General understanding of security toolsets (SIEM, DLP, Anti-virus, etc.)
• Strong interpersonal, presentation, and written communication skills • Ability to collaborate with technical and non-technical peers

Education and Experience:
• College Degree or equivalent work experience required
• 1-3 years’ experience working in a hands-on technical security role Certifications [preferred]
• Information Security professional certification (CISSP, CISA, GIAC, or equivalent) is highly desirable Knowledge
• Knowledgeable in Data programs – AWS, Data governance, BI tools (Informatica)
• Knowledgeable in Finance programs – Accounting, Treasury, Procurement, Reconciliation, FP&A
• Knowledgeable in banking audit and regulatory practices; ensuring fully compliant with corporate standards
• Knowledgeable in cybersecurity is a plus Responsibilities:
• Support current staff in completing integration deliverables as well as maintaining business as usual in legacy environment.
• Assist existing staff in documentation, and participation in solutions that address the balance of business requirements and Information Security requirements, including cloud technologies, to mitigate emerging threats.
• Perform risk assessments of Enterprise applications and processes with respect to defined risk thresholds and regulatory requirements. • Identify, communicate, and assess new and current threats and risks to systems, applications, and technologies to improve security posture of the Enterprise
. • Assist existing staff in assessing emerging technologies against current security posture to determine gaps, overlap with existing solutions, or extend capabilities
. • Aid the security team in responding to information security events including but not limited to requests including malware analysis, log and security alert review and perform incident response activities as necessary
• Assist with ongoing, hands-on configuration and management of current and future security technologies
• Work closely with cross-functional peers to assure security best practices have been implemented for people, processes, and technology
• Perform various duties around the formation, delivery, and maintenance of Information Security Program (e.g. monitoring, awareness, reporting)
• Participate in Information Security meetings, audits, and activities as necessary
• Perform any and all other assigned Information Security Program tasks and functions.

Qualifications
• College Degree or equivalent work experience required
• 1-3 years’ experience working in a hands-on technical security role
• Experience working with FDIC, SOX, SEC regulators, audits and examinations
• Working knowledge of application security frameworks, standards, and risk assessment methodologies
• General understanding of key security standards and regulations (ISO, FFIEC, Cyber framework, GLBA, SEC, SOX, etc.)
• General understanding of application security frameworks (NIST), standards, and risk assessment methodologies including cloud technologies
• General understanding of security toolsets (SIEM, DLP, Anti-virus, etc.)
• Strong interpersonal, presentation, and written communication skills
• Ability to collaborate with technical and non-technical peers
• Information Security professional certification (CISSP, CISA, GIAC, or equivalent) is highly desirable

#ZR
#LI-MB1
Related Jobs
  • Senior IT Project manager
     Summary: This company is seeking an IT Project Manager to oversee the application of project management methodology during all phases of the project cycle, with responsibilities that include project design, scope management, cost control, quali
    • Waltham, Massachusetts
    • Contract
      IT
    FIND OUT MORE
  • Lead DevOps Engineer - SaaS - Drug Therapies (Remote / USA ONLY) - 200k
    Compensation: up to $200,000.00 salary based on seniority/experience, + health, dental, 401k, profit sharing, bonus and more! Work from home / REMOTE from your home office. CANDIDATES MUST BE IN THE CONTINENTAL USA. About the company: Esta
    • Boston, Massachusetts
    • Direct hire
      IT
    FIND OUT MORE
  • Senior voice engineer
    PURPOSE AND SCOPE: Determines voice strategies and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. Determines voice req
    • Waltham, Massachusetts
    • Contract
      IT
    FIND OUT MORE
Ready to work with us?