Risk and Security Analyst in Cambridge, MA at Eliassen Group

Date Posted: 10/16/2020

Job Snapshot

Job Description

We have an exciting opportunity for a Risk and Security Analyst with our industry-leading client in Cambridge, MA.

We will accept corp to corp or w2 contractors. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Responsibilities:

  • Provide professional and technical information assurance and security expertise to support the design, implementation and operation of enterprise governance, risk and compliance (GRC).
  • Write Policies and related supporting documentation, such as standards and procedures
  • Help develop processes to support GRC business needs using tools to automate these processes.
  • Contribute to the enhancement/refinement of the Information Security Risks & Controls library
  • Assist with the development and implementation of controls in alignment with NIST standards: Assist in implementation of Common Controls in the GRC tool and subsequent ongoing authorization and continuous monitoring
  • Assist IT System Owners and Control Owners in attestation and assurance processes
  • Plan and perform user acceptance testing (UAT) of GRC tool enhancements identifying issues and providing recommendations for resolution, communicating system changes to end users
  • Perform information security risk and control assessments and report on information security risks and recommend mitigation strategies; document and monitor information security remediation and control improvements
  • Support the continuous improvement of Information Security Policies, Standards, Processes, and Procedures

Requirements:

  • A minimum of 5-7 years’ experience in information security and/or risk management, especially in an information risk analysis, Enterprise Risk Management (ERM), and/or IT Audit role.
  • Knowledge of quantitative and qualitative risk evaluation methods, including information security control frameworks such as NIST, ISO, and COBIT.
  • Proven experience with control monitoring principles and practices.
  • Ability to understand and engage applicable industry-related regulatory requirements (e.g., FDA, FIPS, EU Annex 11, GDPR)
  • Direct experience in cybersecurity risk analysis and related security products/systems (ServiceNow GRC strongly preferred)
  • Demonstrable knowledge of information security standards, data security practices and procedures, network security, application security, and database security
  • Understanding the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols
  • Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside to make appropriate assessments and decisions.
  • Excellent analytical and problem-solving skills
  • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
  • Strong communication skills and ability to convey complex concepts in simplified terms.
  • Flexible and able to adapt quickly to changing technology
  • Open and able to apply original and innovative thinking to produce new ideas and create innovative approaches to information security oversight and compliance.
  • Experience with development and implementation of information security awareness and education programs.
  • Strong knowledge of Microsoft Office product suite, and corporate business applications including Skype and SharePoint
  • Comfortable working independently and collaboratively to achieve business outcomes
  • Biotech and IT experience preferred

Job ID: 345968

About Eliassen Group:

Eliassen Group provides strategic talent solutions to drive our clients’ innovation and business results. Leveraging over 30 years of success, our expertise in IT staffing, Agile consulting, creative services, managed services, and life sciences enables us to partner with our clients to execute their business strategy and scale effectively. Headquartered in Reading, MA and with offices from coast to coast, Eliassen Group offers local community presence, deep networks, as well as national reach. For more information, visit http://www.eliassen.com.

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!