Saxon Global
Information Security Analyst
Saxon Global, Boston, Massachusetts, us, 02298
Role - Information Security Analyst
Rate - $60/hr on C2C
Work Auth - All Except H1B
Onsite Role client in the Boston, MA area is seeking a highly skilled and detail-oriented Information Security Analyst to join the Office of the Chief Information Security Office (CISO) team.
Summary: The ideal candidate will be responsible for coordinating internal and external audits, performing comprehensive risk assessments, and developing robust security policies. This role requires a deep understanding of security frameworks, regulatory requirements, and best practices to ensure the organization's information assets are protected against potential threats.
Key Responsibilities: * Coordinate security audits between 3rd party auditors and IT teams * Meet with auditors and confirm scope of engagements * Gather and organize responses and evidence * Consolidate materials and analyze content for completeness and accuracy * Solicit and coordinate reviews with security team SME(s) * Present information to auditors and other key stakeholders * Document and track progress of Corrective Action Plans * Policy and Procedure administration * Manage catalog of Information Security Policies and Procedures * Ensure annual reviews and updates are complete * Work with the Risk Management team to identify business impact of policies * Conduct Internal IT risk assessments * Interview SMEs and document in-place controls against NIST800-53 * Identify control deficiencies * Drive remediation of deficiencies * Facilitate Risk assessments of 3rd party vendors * Maintain schedule of assessments * Maintain 3rd party vendor questionnaires * Coordinate assessments between vendor, and business * Collect and consolidate responses * Escalate 3rd party vendor control weaknesses to security team SME(s)
REQUIREMENTS: * Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable * Minimum of 3-5 years of experience in information security, risk management, or a related field * Experience with risk assessment methodologies and tools * Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT) * Excellent analytical and problem-solving skills * Strong written and verbal communication skills, with the ability to convey complex information to a non-technical audience * Detail-oriented with strong organizational skills and the ability to manage multiple tasks simultaneously * Proactive approach to identifying and mitigating security risks * Strong interpersonal skills and the ability to work effectively with stakeholders at all levels of the organization * High level of integrity and ethical conduct * Commitment to continuous improvement and staying updated with the latest security trends and technologies * Ability to work independently and as part of a team
Rate - $60/hr on C2C
Work Auth - All Except H1B
Onsite Role client in the Boston, MA area is seeking a highly skilled and detail-oriented Information Security Analyst to join the Office of the Chief Information Security Office (CISO) team.
Summary: The ideal candidate will be responsible for coordinating internal and external audits, performing comprehensive risk assessments, and developing robust security policies. This role requires a deep understanding of security frameworks, regulatory requirements, and best practices to ensure the organization's information assets are protected against potential threats.
Key Responsibilities: * Coordinate security audits between 3rd party auditors and IT teams * Meet with auditors and confirm scope of engagements * Gather and organize responses and evidence * Consolidate materials and analyze content for completeness and accuracy * Solicit and coordinate reviews with security team SME(s) * Present information to auditors and other key stakeholders * Document and track progress of Corrective Action Plans * Policy and Procedure administration * Manage catalog of Information Security Policies and Procedures * Ensure annual reviews and updates are complete * Work with the Risk Management team to identify business impact of policies * Conduct Internal IT risk assessments * Interview SMEs and document in-place controls against NIST800-53 * Identify control deficiencies * Drive remediation of deficiencies * Facilitate Risk assessments of 3rd party vendors * Maintain schedule of assessments * Maintain 3rd party vendor questionnaires * Coordinate assessments between vendor, and business * Collect and consolidate responses * Escalate 3rd party vendor control weaknesses to security team SME(s)
REQUIREMENTS: * Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable * Minimum of 3-5 years of experience in information security, risk management, or a related field * Experience with risk assessment methodologies and tools * Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT) * Excellent analytical and problem-solving skills * Strong written and verbal communication skills, with the ability to convey complex information to a non-technical audience * Detail-oriented with strong organizational skills and the ability to manage multiple tasks simultaneously * Proactive approach to identifying and mitigating security risks * Strong interpersonal skills and the ability to work effectively with stakeholders at all levels of the organization * High level of integrity and ethical conduct * Commitment to continuous improvement and staying updated with the latest security trends and technologies * Ability to work independently and as part of a team