Cyber Security Analyst

Please send your resume in WORD format should you be interested in the following Cyber Security Analyst position.

Our client is based out of the Los Angeles, CA area.

This is a full-time, direct hire role with a salary range of $120K – $125K, + bonus and great benefits.

Job Title: Cyber Security Analyst

Location: Los Angeles, CA

Salary: $120K – $125K, + bonus and great benefits

Term: Full-time, Direct hire

Bachelor’s Degree Required: Yes

3rd Party C2C/Transfer: No

Referral Fee: $500 – refer qualified colleagues, friends, or family.

Vaccination Required: Yes

Please reply with an updated resume in Microsoft Word format

JOB DESCRIPTION

The Cyber Security Analyst will administer the completion of compliance-related client requests to assess security policies and procedures.

The Analyst will respond to inquiries on the security controls policy, processes, and procedures implemented for the Firm managed systems and applications.

The Analyst will also support the Third Party Risk Management (“TPRM”) function in conducting vendor due diligence (initial, reassessments and ongoing monitoring).

This position requires strong communication skills, initiative, attention to detail and the ability to learn quickly.

In this capacity, the Cyber Security Analyst will:

Review and understand the Firm’s current IT Risk Management (“ITRM”) program framework and associated policies, standards, procedures and processes.
Develop understanding of the Firm’s current controls structure to support the development of standard security responses in response to client questionnaires (e.g., SIG).
Prepare and respond to related compliance requests including referencing evidentiary artifacts or other documentation.
Complete external information security assessments and support status tracking of assessment queues.
Coordinate with external assessors and internal subject matter experts to address compliance inquiries and web-share of security artifacts.
Assist in further defining the process for completing information security control assessments.
Support metrics and reporting of the Information Security Program through the collection and analysis of security control effectiveness measures.
Develop and maintain the status tracking related to findings from information security assessments, TPRM due diligence/reassessment assessments and associated remediations.
Contribute to the creation of security related processes and procedures and relevant documents.
Work with the CISO, senior managers, managers and other internal stakeholders to report existing information security program and ongoing security projects that address information security risks and compliance requirements.
Manage competing deadlines and multiple external inquiries using effective organizational skills and attention to detail as demonstrated by prior work experience.
Assist TPRM in conducting third party due diligence requests, follow-up and monitoring reviews (e.g., SOC II Type II, SIG responses, Pen Test reviews, etc.).
Participate in efforts to evolve and streamline TPRM processes and procedures.
Collaborate with TPRM management and internal subject matter experts to support coordination, tracking, and reporting of TPRM team strategy and goals and complete other tasks as assigned.

In addition, the Cyber Security Analyst will be expected to have:

At least five years of combined information technology and information security experience.
Strong understanding of multiple risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT).
Demonstrated experience with the NIST Cybersecurity Framework and auditing security controls identified in NIST SP800-171 and NIST SP800-53A.
Experience working with internal and external auditing firms.
Strong understanding of information security concepts and technologies.
Fundamental knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint.
Strong communication skills with the ability to interact with various teams within the administrative and legal departments.
Experience in the analysis of IT and Security control requirements and understanding of associated technology processes.
Strong understanding of due diligence and compliance documents (e.g., SOC II Type II, ISO 27001 Certification, SIG Questionnaires, Certificates of Insurance, Pen Test, etc.).

Qualifications:

A minimum of 5+ years professional work experience; and
Bachelor’s degree required.
