Senior Cybersecurity Analyst
Security | Arlington, TX | Full Time
The Cybersecurity Analyst is responsible for executing a portion of our client's Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by organizing information, enabling risk management decisions, and addressing threats to ensure the security of company systems and information assets. The Cybersecurity Analyst is responsible for contributing to the success of comprehensive security initiatives, work with internal and external groups to ensure the program is operating effectively and efficiently, and develop strong partnerships with business partners across the enterprise to ensure company information assets are protected at the appropriate level.
- Primarily responsible for, but not limited to, performing information security risk assessments and control testing.
- Contributes to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices.
- Performs design and operating effectiveness testing on information security
- Works with cyber security leadership to coordinate control requirements and control reporting.
- Facilitates information security self-assessments with the business and technology teams.
- Performs information security maturity assessments.
- Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments.
- A successful background in Information Security and/or Audit, specifically with the NIST 800-53 framework
- Experience with financial frameworks such as FFIEC would be a plus
- 2 to 3 years of experience with ServiceNow, Archer or similar GRC Management Solution
- Significant experience with process analysis (e.g. process mapping)
- Significant experienced with documenting processes for applications and/or systems
- This position requires leadership skills and project management experience, as well as expertise to ensure effective system-wide security analysis; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.