Senior Security Analyst

  • location: New York, NY
  • type: Contract
  • salary: $50 - $60 per hour
easy apply

job description

Senior Security Analyst

job summary:
Senior Security Analyst in midtown, Manhattan. This individual will report directly to the Third Party Risk Management Director and partner with the business, corporate and agency IT teams to understand the services our agencies provide clients, the data they handle and risks associated with use of outsourced services and suppliers. This individual will make recommendations on how to mitigate any risks identified. A well-qualified candidate will be comfortable working with business and IT leadership to embed a security-focused mindset.

location: New York, New York
job type: Contract
salary: $50 - 60 per hour
work hours: 9am to 6pm
education: Bachelors
  • Assists with all phases of the Third Party information security risk assessment and program.
  • Reviews security assessment reports and questionnaires.
  • Leads discussions around remediation activity and compensating controls to help manage risk. Influences remediation when necessary.
  • Supports the Exception Management process.
  • Leverages innate knowledge of technical security concepts including authentication, authorization, data security, application security, cloud services and secure architecture concepts to identify security gaps and convey the importance of security to businesses.
  • Communicates and presents risks and remediation activity in a clear manner to non-technical audiences.
  • Provides support when there is a request from a supplier to redline/modify security contract language.
  • Assists with creation, updating, and preparation of final versions of documents, including Policy, Standard Operating Procedures (SOP) and Work Instructions.
  • Provides recommendations to identify areas of improvement for processes, procedures and workflows.
  • Assists in special projects on an as-needed basis.
  • Bachelor of Science in Computer Information Systems, Computer Science, Information Systems Management, related field or equivalent work experience
  • Experience with IT technology, infrastructure, applications and architecture
  • Awareness of the external threat landscape
  • Experience with the following industry/regulatory requirements and frameworks: ISO27001, COBIT, SOC2, SOX, NIST 800-53, NIST CSF or FAIR
  • CISSP required
  • CISA, CISM, CRISC, CCNA, CCENT, CCNP, GSEC, MCSA certifications are preferred
  • Ability to appropriately balance information security posture with business risk
  • Ability to work with manual processes, where advanced systems are not yet established
  • Experience in implementing and working with vendor risk management GRC technology (preferred)
  • Excellent written and oral communications skills and ability to articulate and present information to all levels of management
  • Excellent analytical and problem-solving skills

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

easy apply

get jobs in your inbox.

sign up

related jobs

    Senior Server Engineer

  • location: Woodbridge, NJ
  • job type: Permanent
  • salary: $120,000 - $140,000 per year
  • date posted: 3/8/2018

    Senior Systems Engineer

  • location: New York, NY
  • job type: Contract
  • salary: $65.97 - $74.21 per hour
  • date posted: 1/11/2019