Job Title: Cyber Control Findings Analyst
Job Summary:
As a Cyber Control Findings Analyst, you'll play a crucial role in safeguarding our organization by reviewing, monitoring, and resolving security findings. This position involves various duties and qualifications to ensure our systems remain secure and compliant.
Key Responsibilities:
-
Risk and Vulnerability Assessments: Conduct assessments, validation testing, compliance reviews, and audits following NIST standards.
-
ISO 27001 and SOC 2 Audits: Manage and support SOC 2 and global ISO 27001 audits.
-
Promoting ISO 27001 Standards: Advocate for the widespread implementation of ISO 27001 standards.
-
Central Repository for Audit Evidence: Maintain and monitor a central repository for audit evidence.
-
Stakeholder Communication: Inform relevant stakeholders about significant concerns and hazards.
-
Collaboration with Departments: Work with corporate IT, procurement, and privacy departments to align with Governance, Risk, and Compliance (GRC) objectives.
-
Stay Updated: Keep abreast of industry procedures and methods.
Required Skills and Experience:
-
Bachelor's degree in information cybersecurity, risk management, governance, or a related field.
-
5+ years of direct experience in information security, with a focus on risk and compliance.
-
Expertise in conducting ISO 27001 and SOC 2 audits and handling audit responses.
-
Knowledge of relevant regulatory compliance requirements (ISO 27001, SOC 2, NIST, FedRamp, CMMC, PCI, GDPR, etc.).
-
Familiarity with identity management standards, cloud storage, and disaster recovery.
-
Proficiency in GRC tools and best practices (e.g., ZenGRC, OneTrust, Archer).
-
Strong attention to detail and effective communication skills.
Preferred Qualifications:
-
ISO 27001 Lead Auditor, CISA, CISM, or CISSP certification.
Job Details:
Location: New York, NY
Duration: Long-term contract (6 months with potential to extend to a full year)
Department: Information Security
Reports To: Cybersecurity Manager
Onsite: 3 days a week (Tuesday, Wednesday, Thursday)