Information Security Analyst
Position: Information Security Analyst
Location: Remote (with occasional travel)
Salary: $90,000 - $105,000 (based on experience and geographic location)
About the Role:
We are seeking a talented and detail-oriented Information Security Analyst to join our client's dynamic team. As an Information Security Analyst, you will play a critical role in auditing and assessing security postures, ensuring compliance with leading industry standards, and guiding clients through the intricacies of information security frameworks such as PCI DSS, HIPAA/HITECH, GLBA, and ISO 27001.
This position offers the flexibility of remote work while occasionally requiring travel to client sites both domestically and internationally. You will be responsible for conducting PCI assessments, performing gap analyses, and delivering clear, actionable reports that drive improvements in our client's security environments.
Key Responsibilities:
Conduct comprehensive PCI assessments and gap analyses.
Execute auditing techniques and procedures to support assessment findings.
Develop detailed, customized reports on clients' control environments and assessment results.
Create a roadmap of actionable steps to enhance security posture and achieve compliance.
Communicate complex technical information effectively to diverse audiences, including executives and technical decision-makers.
Schedule and perform activities as outlined in Statements of Work (SOWs).
Provide consulting services to clients to understand assessment findings and remediation options.
Collaborate with Sales Professionals to offer presales and scoping assistance.
Continuously develop subject matter expertise in information security and privacy requirements.
Required Qualifications:
Certifications:
One of the following: (ISC)² CISSP, ISACA CISM, or ISO 27001 Lead Implementer.
One of the following auditing designations: ISACA CISA, GIAC GSNA, ISO 27001 Lead Auditor, ISO 27001 Internal Auditor, IRCA ISMS Auditor, or IIA CIA.
Education: Bachelor’s degree in Information Security, Cybersecurity, Information Technology, or a related field, or equivalent experience.
Skills & Experience:
Strong familiarity with security control processes and solutions including cloud security, vulnerability management, firewalls, IAM, SIEM, EDR, IDS/IPS, DLP, AV, FIM, WAF, cryptography, and software development.
General networking knowledge, including system technologies and communication protocols.
Excellent understanding of audit procedures.
Proficiency with MS Word, Excel, and PowerPoint.
Exceptional time management, organization, and communication skills.
Ability to work independently and handle interruptions in a challenging environment.
A positive attitude and a team-oriented mindset, with a drive to learn new technologies and audit techniques.
Benefits:
100% company-paid employee healthcare premiums (medical, dental, vision).
401k plan with company match.
Profit Sharing Plan.
Certification and training bonuses.
Monthly internet and well-being expense reimbursements.
Generous Paid Time Off (PTO) and personal days.
Opportunities for top-level industry certifications.
Work Environment:
This is a full-time remote position requiring self-motivation and the ability to complete projects on time. The role may involve variable working hours depending on project demands.
Are you ready to make a significant impact in the field of Information Security? If so, we invite you to apply for this challenging and rewarding role. Apply now and take the next step in your career with us at Locke and McCloud.
How to Apply:
Interviews are scheduled to take place next week so if you’re interested in hearing more about this and other roles, then please get in touch asap to discuss further at 520-329-5512 or send your Resume to a.ortiz@locke-mccloud.com
Locke & McCloud is the US's leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the US’s most exciting cyber security consultancies & end-users. Our focus on the information security space allows us to be able to help you find the most exciting opportunities in the cyber security market. If you are looking for your next cybersecurity or information security role, please get in touch!