INFORMATION SECURITY ANALYST - HYBRID

Overview Location: Hybrid (3 days onsite, 2 days remote) north of Pittsburgh, PA

Job Type: Full Time / Contract

Work Authorization: No Sponsorship

The A.C.Coy company has an immediate opening for an Information Security Analyst.

Ideal candidates must have experience delivering projects for an Information Security Group and acting as a technical SME regarding SOC 2 assessments and security control framework.

Responsibilities

Support the delivery of projects for the Information Security Group and the broader Global Technology Operations team

Act as a technical SME regarding SOC 2 assessments and security control framework

Support Clients’s SOC 2 assessment, working with internal stakeholders to evidence security controls in operation

Work with stakeholders to review and update Clients’s security controls framework in line with recent changes to NIST and CIS controls

Coordinate stakeholders across the organization to disseminate assessment findings and coordinate remediation

Work closely with project managers on outlining key tasks, refining delivery plans

Qualifications

Experience working internally to deliver a SOC 2 certification, working with internal stakeholders to evidence controls and interfacing with external auditor - 3+ years

Experience working with virtual server and desktop environments such as VMware and Citrix - 3+ years

Familiarity with security frameworks such as NIST800, CIS, ISO27001 - 2+ years

Familiarity with security and privacy regulations impacting financial services such as SOX and GDPR - 2+ years

CISSP, CCSP, CompTIA Security+, GIAC security essentials certifications - Preferred