Security & Compliance Analyst Jobs

Security & Compliance Analyst

**US CITIZENS or GREEN CARD HOLDERS ONLY

**NO Corp to Corp or Sponsorships available

Salary: $85-130k

100% REMOTE

_________________________

Overview

The role of the Security & Compliance Analyst requires a seasoned employee who is skilled, knowledgeable and has the credibility and communication skills needed to consult with financial services, government and professional services clients at the Manager and C-suite levels on an ongoing basis. Deep knowledge of information security, state and federal compliance requirements, particularly in the financial services industry, and business operations is essential.

Duties include:

·Acts as the Virtual Chief Information Security Officer (VCISO) for financial, government, and professional services clients, including:

omonthly report review and client consultation

oinformation security status presentations at IT Steering and Board meetings

oongoing consultative advice and incident support

oinformation security education/training

oparticipation in client IT audits and examinations

·Develops, Maintains and Performs Security Assessments against relevant frameworks, including but not limited to:

oFFIEC Information Security & Cybersecurity Guidance

oGraham-Leach Bliley Act (GLBA)

oCenters for Internet Security (CIS18)

oNY Department of Financial Services Cybersecurity Reg 500

oSEC OCIE Cybersecurity Initiatives

oNIST Standards by Industry

oCMMC, ITAR, FedRAMP

oSOC 1 and 2 Preparation

oSarbanes-Oxley IT General Controls

·Customizes and provides the Written Information Security Program service for financial, government, and professional services clients.

·Deploys live, web-based Cybersecurity Awareness Training to Board of Directors and employees.

·Provides Business Continuity Management Planning Services to financial, government and professional services clients, including:

oCustomization of Business Continuity Management Plans to client environments

oBusiness Impact Analysis to establish Critical Processes

oBusiness Continuity Risk Assessment

oBusiness Continuity Tabletop Testing

oBusiness Continuity Management Plan Training

·Provides Incident Response Services to financial, government and professional services clients, including:

oCustomization of Incident Response Plans in accordance with applicable state and federal requirements as well as client needs

oIncident Response Plan Tabletop Testing

oIncident Response Plan Training

·Interfaces with various teams to the benefit of overall client security infrastructure including but not limited to verticals, account teams, service delivery, engineering.

·Maintains in depth knowledge of the security features and capabilities of service offerings. Works with Solutions Architects to provide quotes and agreements for managed and security services.

·Provides consultation to customers and co-workers regarding security threats and compliance mandates.

Qualifications:

• BA or BS degree or equivalent combination of relevant education and experience
• 5+ years of work experience in technology risk, governance, compliance, information security, or cybersecurity
• Certification in Information Security, Risk or Compliance Preferred
• Excellent verbal and written communication skills

·Ability to multi-task and manage multiple priorities

·Ability to deal with changing priorities to complete tasks in a short period of time

·Solid organizational and time management skills

·Commitment to client service with good initiative and follow-through