Information Security Analyst
Boston, MA / Remote
- Determine current state of cybersecurity controls through interviews and evidence, and identify where they do not meet policy or regulatory requirements.
- Work with technology owners to define and plan control enhancements efforts to reduce risk and satisfy regulatory requirements.
- Create technology roadmaps to illustrate current state and the path to our desired state.
- Support Cybersecurity governance through reporting and tracking of projects for broader awareness.
- Participate in the third party assessment process.
- Conduct risk assessments.
- Working knowledge of NIST 800-53 or how to work with cybersecurity frameworks in general.
- Breadth of knowledge on cybersecurity controls.
- Strong organizational and analytical skills.
- Ability to organize and run effective meetings.
- Strong analytical and communication skills.
- Interpersonal skills to develop strong collaborative working relationships with a broad range of constituents.