Information Security Analyst I

What will you bring?

• Conduct Due Diligence / RFP Security Questionnaire Response and annual response quality certification.
• Gain proficiency in Smarsh products knowledge for compliance evidence and audits.
• Support InfoSec GRC leader to develop the ISO27001 program strategy, charter, and ISMS Manual.
• Support technical risk reporting based on monitoring internal and external vulnerabilities, ensuring timely resolution, and creating vulnerability assessment reports
• Test and manage vendor risk assessment tools and processes
• Contribute to establishing an Information Security Policy program for ISO27001 ISMS audits and assisted in developing an ISMS reporting dashboard for the council.
• Supported the launch of firm-wide cybersecurity awareness training and reported on completion metrics
• Helped support the Smarsh Business Continuity Charter, Strategy, Program, and Test planning across products and Corp IT.
• Help develop performance metrics and a Risk reporting dashboard.

What will you bring?

• 1+ years of Information Security professional experience.
• Bachelor's degree is desired.
• Demonstrated experience of being an effective team player.
• Demonstrated successful experience with risk assessment and vendor management tasks.
• Experience producing reporting.
• Have built a network of peers in their field and have various industry experiences.
• Be able to share their knowledge of the relevant regulatory environment and clearly articulate risk management concepts and the process of risk assessments.
• Data analytical skills and know where to seek Information Security risk reporting guidance.
• Can highlight situations when their ethics were strengthened by experiences.
• Be able to prove their effectiveness as a team player.
• Have curiosity about how we protect information.