Information Security Analyst

Boston, MA / Remote


  • Determine current state of cybersecurity controls through interviews and evidence, and identify where they do not meet policy or regulatory requirements.
  • Work with technology owners to define and plan control enhancements efforts to reduce risk and satisfy regulatory requirements.
  • Create technology roadmaps to illustrate current state and the path to our desired state.
  • Support Cybersecurity governance through reporting and tracking of projects for broader awareness.
  • Participate in the third party assessment process.
  • Conduct risk assessments.


  • Working knowledge of NIST 800-53 or how to work with cybersecurity frameworks in general.
  • Breadth of knowledge on cybersecurity controls.
  • Strong organizational and analytical skills.
  • Ability to organize and run effective meetings.
  • Strong analytical and communication skills.
  • Interpersonal skills to develop strong collaborative working relationships with a broad range of constituents.