Get AI-powered advice on this job and more exclusive features.
Senior IT Recruitment Consultant @ Solas IT Recruitment | ERF CertRP
IT Security Controls & Reporting Analyst
We are seeking a detail-oriented and experienced IT Security Controls & Reporting Analyst to join our IT Infrastructure and Security team.
The successful candidate will be responsible for engaging with client security audits, completing extensive cybersecurity questionnaires, leading third-party vendor assessments from a cybersecurity perspective, and maintaining technical documentation.
This role is vital in ensuring our firm’s compliance with security standards and maintaining the integrity of our IT systems.
Key Responsibilities
* Client Security Audits: Engage with client security audits and ensure all cybersecurity requirements are met. Complete extensive cybersecurity questionnaires accurately and in a timely manner.
* Vendor Assessments: In collaboration with the risk and compliance department, lead the cyber and information security assessments of third-party vendors, ensuring they meet our security standards.
* Policy: Develop and maintain security controls and policies to protect the firm’s IT infrastructure.
* Performance Monitoring: Monitor and report on the effectiveness of security controls and recommend improvements. Prepare and present security reports to management and clients.
* Collaboration: Work closely with internal teams to address security vulnerabilities and implement corrective actions.
* Documentation: Create and maintain detailed documentation regarding cybersecurity controls.
* Continuous Learning: Stay up to date with the latest cybersecurity trends, threats, and best practices.
* Security Awareness: Assist in the development and implementation of security awareness training programs for staff.
* Support incident response activities and investigations as needed.
* ISO 27001: Participate in the annual ISO 27001 certification process.
Skills, Knowledge, and Expertise
* Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
* 2-3 years of experience in IT security, with a focus on security controls and reporting.
* Experience with regulatory compliance and audit processes.
* Experience with security risk assessments and mitigation strategies.
* Knowledge of third-party vendor risk management and assessment.
* Strong understanding of cybersecurity principles, frameworks, and best practices.
* Familiarity with security standards and regulations (e.g., ISO 27001, GDPR, HIPAA).
* Strong understanding and knowledge of cloud security principles and best practices, data protection and encryption technologies, network security (including firewalls, IDS/IPS, and VPNs), and identity management.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Staffing and Recruiting
#J-18808-Ljbffr