Information Security Analyst
3 weeks ago
- Information Security & Privacy Project Management - Oversee, coordinate, and support functional process audit and assessments to ensure process compliance. Develop instructional and procedural documentation and presentations to support and communicate Information Security and Privacy Program strategic objectives. Prepare and maintain policy, standards, guidelines, processes, and procedures based on National Institute of Science & Technology (NIST) and International Organization for Standardization (ISO) best practices while leading framework implementation and ongoing improvement. Work collaboratively with other stakeholders to achieve compliance objectives for the overall program.
* Information Security & Privacy Audit Management - Assess technology related compliance issues across the organization including information security, privacy, identity management, user access, and data integrity. Ensure alignment of practices with ethical, regulatory, and commercial requirements with policies and procedures. Build scalable and efficient processes related to corrective actions and product compliance needs.
* Risk Program Management - Identify, assess, and mitigate risk to company's technologies and services. Work closely with Information Technology and Engineering teams to develop strategies and plans to assess risks. Work with technical stakeholders to develop and approve risk treatment projects and establish clear objectives for risk mitigation. Track risk items and assist technical teams with prioritization and project scoping for information security and privacy program driven risk projects.
* Incident Response Leadership - Lead incident response processes under the guidance of the Director of Information Security. Set goals, priorities, and strategies for the Incident Response Team (IRT) and oversee execution and evaluation of the response actions. Liaise with senior management, external stakeholders, and regulatory authorities, and ensure compliance with legal and ethical obligations.
* Threat Intelligence Program Management - Combine contextual knowledge about the overall threat landscape with analytical skills to gather information to monitor, assess, and report on risks that could affect the company. Conduct private data collection and evaluation to synthesize a range of sources to build out a complete picture of a risk posture that informs the actions the company takes to mitigate these risks. Produce short-term and long-term evaluations so compliance and IT teams better understand what to expect from a threat perspective, and what they can do to get ahead of any potential attacks or . Perform other duties as assigned.
* 10+ years of related experience.
* Expertise in various Information Security & Privacy Frameworks such as the Secure Controls Framework, NIST CSF, NIST 800-171, NIST 800-53, NIST Privacy Framework, ISO-27001, ISO-27701, GDPR, US & other global privacy regulations.
* Work experience in other Information Security, Privacy, and/or Information Technology disciplines such as software development, help desk, networking, systems administration or similar in conjunction with professional certifications such as CIPP, CIPM, CIPT, CCSP, CGRC, CRISC, CDPSE, CGEIT, CISA, ISO Lead Implementor, ISO Internal Auditor, and AWS Associate or Professional level certifications.
* Cyber, information security, and/or privacy internal audit experience.
* Intermediate or higher level of knowledge in at least one scripting or software development language such as PowerShell, Bash, Java, or Python.
* Good written and oral communication skills, deductive reasoning, and analytical investigative skills.
* Good interpersonal skills to facilitate positive relations between business groups.
* Good leadership, decision-making, and communication skills, as well as a broad knowledge of the Company's business and security objectives
* 5-7 years related experience
* Bachelor's degree (Information Technology, Cyber Security, Computer Science) - Non-degree considered if 12+ years of related experience along with a high school diploma or GED
- GRC platform -- 3rd party risk assessments
- Any scripting experience
-
Information Security Analyst
2 days ago
New York, United States Assured Guaranty Full timePosition Summary The goal of information security is to protect the confidentiality, integrity, and availability of information assets. The information security team is responsible for defining and implementing security policy and standards and continuously monitoring for new threats. The Information Security Analyst is a hands-on technical role, responsible...
-
Information Security Analyst
3 weeks ago
New Hyde Park, United States Newtek One Full timeJob DescriptionJob DescriptionNewtekOne®, Your Business Solutions Company®, is a financial holding company, which along with its bank and non-bank consolidated subsidiaries, provides a wide range of business and financial solutions under the Newtek® brand to the small- and medium-sized business ("SMB") market. Since 1999, Newtek has provided...
-
Information Security Analyst
2 days ago
New Hyde Park, United States Newtek One Full timeJob DescriptionJob DescriptionNewtekOne®, Your Business Solutions Company®, is a financial holding company, which along with its bank and non-bank consolidated subsidiaries, provides a wide range of business and financial solutions under the Newtek® brand to the small- and medium-sized business ("SMB") market. Since 1999, Newtek has provided...
-
Information Security Analyst
1 week ago
New York, United States ASCAP Full timeJob DescriptionJob DescriptionAbout ASCAPThe American Society of Composers, Authors and Publishers (ASCAP) is a membership association of more than 960,000 songwriters, composers and music publishers, and represents some of the world’s most talented music creators. Founded and governed by songwriters, composers and publishers, it is the only performing...
-
Information Security Analyst
2 days ago
New York, United States ASCAP Full timeJob DescriptionJob DescriptionAbout ASCAPThe American Society of Composers, Authors and Publishers (ASCAP) is a membership association of more than 960,000 songwriters, composers and music publishers, and represents some of the world’s most talented music creators. Founded and governed by songwriters, composers and publishers, it is the only performing...
-
Information Security Analyst
2 weeks ago
New York, United States Datadog Full time**Who we are**: The Customer Trust team is the face of Datadog's security organization. Members of the Customer Trust team interact directly with our customers, and translate customer security and compliance requirements into the overall Datadog information security program. You will support the sales organization in the procurement phase and ongoing vendor...
-
Information Security Analyst
2 weeks ago
New York, United States Saxon Global Full timeWhat you'll do: • Establish a strategic security architecture vision, including standards and frameworks that are aligned with the overall business and IT strategies • Act as information security subject matter expert; provides advisory and consulting services to business, IT departments, and IS management • Work closely with Enterprise...
-
Information Security Analyst
2 days ago
New York, United States Saxon Global Full timeWhat you'll do: • Establish a strategic security architecture vision, including standards and frameworks that are aligned with the overall business and IT strategies • Act as information security subject matter expert; provides advisory and consulting services to business, IT departments, and IS management • Work closely with Enterprise...
-
Information Security Analyst
1 month ago
New York, United States eTeam Full timeSkills and Experience: +3 years experience in information security, governance, IT audit, or information technology risk management Experience with risk assessments and compliance of major regulatory initiatives (e.g. SOX, NYDFS) Experience with cyber security and information security program management and frameworks (e.g., NIST CSF, ISO/IEC 27000,...
-
Information Security Analyst
2 days ago
New York, United States eTeam Full timeSkills and Experience: +3 years experience in information security, governance, IT audit, or information technology risk management Experience with risk assessments and compliance of major regulatory initiatives (e.g. SOX, NYDFS) Experience with cyber security and information security program management and frameworks (e.g., NIST CSF, ISO/IEC 27000,...
-
Sr. Information Security Analyst
1 day ago
New York, United States Quorum Federal Credit Union Full timeWho is Quorum?Quorum Federal Credit Union is a national employer of choice that attracts, develops, enables, and retains the right resources to drive the organization forward. We are a human-centered organization that delivers a positive work journey and is committed to enhancing the lives of our employees and helping them to grow personally and...
-
Information Security GRC
7 days ago
New York, United States Adobe Full timePlan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings. Identify internal controls issues, ensure they are well-defined and root causes are identified. Build and maintain...
-
Information Security GRC
2 days ago
New York, United States Adobe Full timePlan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings. Identify internal controls issues, ensure they are well-defined and root causes are identified. Build and maintain...
-
Information Governance Analyst
5 days ago
New York, United States Considine Search Full timeSummaryThe New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance...
-
Information Governance Analyst
2 days ago
New York, United States Considine Search Full timeSummary The New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance...
-
Information Governance Analyst
2 days ago
New York, United States Considine Search Full timeSummaryThe New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance...
-
Information Governance Analyst
2 months ago
New York, United States AMS Staffing, Inc. Full timeJob DescriptionJob DescriptionJob Title:Information Governance AnalystLocation:NY/NJ vicinity Work Environment:Hybrid Work Week (2-days onsite)Salary:$130K to $150K plus a performance-based bonusTerm:Full-time3rd Party C2C/Transfer:NoReferral Fee: $500 -Refer qualified colleagues, friends, or family.***Please reply with an updated resume in Microsoft Word...
-
Information Governance Analyst
2 days ago
New York, United States AMS Staffing, Inc. Full timeJob DescriptionJob DescriptionJob Title:Information Governance AnalystLocation:NY/NJ vicinity Work Environment:Hybrid Work Week (2-days onsite)Salary:$130K to $150K plus a performance-based bonusTerm:Full-time3rd Party C2C/Transfer:NoReferral Fee: $500 -Refer qualified colleagues, friends, or family.***Please reply with an updated resume in Microsoft Word...
-
Information Governance Analyst
1 month ago
New York, United States Considine Search Full timeSummaryThe New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance...
-
Information Governance Analyst
3 weeks ago
New York, United States Considine Search Full timeSummaryThe New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance...