About this position
Junior IT Security Compliance Analyst
At Five Rivers IT, we build and service reliable IT infrastructures for midsized businesses. Five Rivers IT has been growing at a consistent rate of 30% a year for the last 3 years.
We are in search of an IT Security Compliance Analyst to join the dynamic team of professionals providing world-class IT services to its clients in the NYC metro area. This is a great opportunity for a self-starter with a proven track record to develop, implement, and support various initiatives in the area of governance, risk and compliance.
Responsibilities:
Maintain proactive ongoing compliance by utilizing GRC compliance tool to perform periodic security tasks and checks.
Establish and manage Written Information Security Policies (WISP) ensuring a formal, defined, and consistent process for managing information security
Perform Gap Assessment against established policy
Liaison with Engineering/IT by coordinating requests for information and coordinating responses to any observations.
Monitor and analyze security systems to identify irregularities that can lead to potential threats.
Responsible for Incident Management, be readily available for: Incident documentation, ensure risk analysis and severity, manage containment, lead investigation, ensure proper notification protocol, conduct & document lessons learnt, Report on findings and to then communicate them to the client.
Conduct Vulnerability Management Program.
Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
Provide actionable, technical advice to engineers to enhance security control design & effectiveness (including for cloud environments)
Required Qualifications:
Bachelor's in Computer Science, Computer Engineering, Information Systems or related field or equivalent work experience
Up to 2 years of experience managing Information Security audits (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA)
Experience implementing security techniques, practices, and controls that can be applied to address risks
Experience operating as part of an Information security program in alignment with common information technology management frameworks such as ISO 27001, NIST, CIS, ITIL, COBIT, etc.
Strong written and verbal communication skills
Strong program management skills
Experience working closely with auditors and/or external regulators
Experience managing security tools
Preferred Qualifications:
Experience with Audit Management tools
Security certification e.g. Security+, Network +, A+ etc.
Prior experience leading or managing security audits at a SaaS/Cloud company or as a Security Auditor at an audit firm
Systems Admin or Network Admin experience implementing security controls
Other Details about the Job
This job requires working for multiple clients across multiple environments in a managed services setting.
This is a Full-Time position.
This role is in-person and requires the candidate to be able to be in the office 5 days a week.
All standard benefits are included such as medical/dental/vision insurance and vacation time.
We encourage and reward professional certifications.
Please send your resume with the expected salary. Applications lacking expected salary will not be considered.
Powered by JazzHR
Salary Information