Softworld Senior Information Security Risk Analyst-RTH in Marlborough, Massachusetts

Senior Information Security Risk Analyst-RTH

  • Email a Friend

Apply to this job >

Date posted:

June 19, 2017

Job Type:

Contract to Hire

Location:

Marlborough, MA

Job ID:

223927

Description:

Softworld’s client is hiring a Senior Information Security Risk Analyst. The individual in this role will be a key member of our Information Security Risk and Controls team, with initial primary responsibilities of working directly with the business, technology leads, and service providers performing detailed technical information security assessments highlighting risks and providing recommendations and designs for greater risk resiliency. Additionally, the individual will be, supporting risk assessment and controls design of internal solutions and architectures including highly “cloud first” development and continuous integration models. This individual will also enjoy the opportunity to work on developing new security models for public cloud, IaaS, and SaaS solutions, and will work closely with our Cyber Defense and Security Operations teams in a very hands-on and collaborative environment in the financial management industry. The successful individual hired into this role will enjoy opportunities to explore and evaluate additional Information Security, cloud computing, and control technologies.

Qualifications: The role is based in Marlborough but there is periodic (weekly) travel to Boston offices. If the resource wants to be based in Boston and travel 2 days to Marlborough per week, the manager would be open to that as well. 10 plus years in Information Security or related roles such as Systems Architecture, Network Architecture, Systems Administration, etc., including 5 plus years of experience in an Information Security Risk role. Experience performing risk assessments as well as working with internal teams to advise on risk is highly desired. A solid foundation of technical knowledge is required to be successful in this role, including but not limited to technical depth in areas such as: Public Cloud Security Models, Data Encryption, Access Control, Security Architecture, Identity Federation Models, and Vulnerability Management. Experience helping to design, grow, and work within a formal qualitative Information Security risk management program. Experience in designing, deploying, or assessing information security technology, processes, and controls. Significant breadth of technical experience and critical analysis skills sufficient to perform detailed risk analysis on a variety of technologies and use cases. The successful candidate will have the technical depth and analysis capabilities necessary to be proficient when examining controls and identifying risk in areas such as could infrastructure, data encryption, access control, security architecture, information security policy and standards, and vulnerability management. CISSP is preferred. Excellent written and verbal communication skills are required as this individual will interface with business users, outside vendors and IT teams.