Overview Location: Hybrid (3 days onsite, 2 days remote) north of Pittsburgh, PA
Job Type: Full Time / Contract
Work Authorization: No Sponsorship
The A.C.Coy company has an immediate opening for an Information Security Analyst. Ideal candidates must have experience delivering projects for an Information Security Group and acting as a technical SME regarding SOC 2 assessments and security control framework.
Responsibilities
- Support the delivery of projects for the Information Security Group and the broader Global Technology Operations team
- Act as a technical SME regarding SOC 2 assessments and security control framework
- Support Client's SOC 2 assessment, working with internal stakeholders to evidence security controls in operation
- Work with stakeholders to review and update Clients's security controls framework in line with recent changes to NIST and CIS controls
- Coordinate stakeholders across the organization to disseminate assessment findings and coordinate remediation
- Work closely with project managers on outlining key tasks, refining delivery plans
Qualifications
- Experience working internally to deliver a SOC 2 certification, working with internal stakeholders to evidence controls and interfacing with external auditor - 3+ years
- Experience working with virtual server and desktop environments such as VMware and Citrix - 3+ years
- Familiarity with security frameworks such as NIST800, CIS, ISO27001 - 2+ years
- Familiarity with security and privacy regulations impacting financial services such as SOX and GDPR - 2+ years
- CISSP, CCSP, CompTIA Security+, GIAC security essentials certifications - Preferred