Information Security Analyst Job at Saxon Global in South Boston

Role - Information Security Analyst Rate - $60/hr on C2C Work Auth - All Except H1B Onsite Role client in the Boston, MA area is seeking a highly skilled and detail-oriented Information Security Analyst to join the Office of the Chief Information Security Office (CISO) team. Summary: The ideal candidate will be responsible for coordinating internal and external audits, performing comprehensive risk assessments, and developing robust security policies. This role requires a deep understanding of security frameworks, regulatory requirements, and best practices to ensure the organization's information assets are protected against potential threats. Key Responsibilities: Coordinate security audits between 3rd party auditors and IT teams Meet with auditors and confirm scope of engagements Gather and organize responses and evidence Consolidate materials and analyze content for completeness and accuracy Solicit and coordinate reviews with security team SME(s) Present information to auditors and other key stakeholders Document and track progress of Corrective Action Plans Policy and Procedure administration Manage catalog of Information Security Policies and Procedures Ensure annual reviews and updates are complete Work with the Risk Management team to identify business impact of policies Conduct Internal IT risk assessments Interview SMEs and document in-place controls against NIST800-53 Identify control deficiencies Drive remediation of deficiencies Facilitate Risk assessments of 3rd party vendors Maintain schedule of assessments Maintain 3rd party vendor questionnaires Coordinate assessments between vendor, and business Collect and consolidate responses Escalate 3rd party vendor control weaknesses to security team SME(s) REQUIREMENTS: Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable Minimum of 3-5 years of experience in information security, risk management, or a related field Experience with risk assessment methodologies and tools Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT) Excellent analytical and problem-solving skills Strong written and verbal communication skills, with the ability to convey complex information to a non-technical audience Detail-oriented with strong organizational skills and the ability to manage multiple tasks simultaneously Proactive approach to identifying and mitigating security risks Strong interpersonal skills and the ability to work effectively with stakeholders at all levels of the organization High level of integrity and ethical conduct Commitment to continuous improvement and staying updated with the latest security trends and technologies Ability to work independently and as part of a team