Job Description:
The Analyst, Information Security Communications will support the Information Security Awareness Program Manager with the following:
Standardize the understanding of the business value of ISO 27k / NIST security controls to the Firm's technology professionals;
Train the Firm's technology professionals on current security control assessment practices;
Advise on change management-related training and communications strategies for enhancing technology departments' process compliance;
Continuously evaluate the effectiveness of existing Information Security training, education, and awareness program/activities;
Mature and maintain the approach, goals, and objectives for the Information Security awareness and training program, including repeatable processes, reporting and metrics;
Contribute to creating a culture of security by growing awareness, engaging users in security best practices, and reducing risky behaviors;
Ensure that our Information Security awareness and training program communicates Firm security policies and requirements so that users know and understand them; and
Collaborate with the Information Security team to identify areas of risk and develop targeted and role-based Information Security training, education, and awareness activities.
In addition, the Analyst, Information Security Communications will be expected to have:
A working knowledge of Information Security and risk mitigation principles, theories, and techniques in daily work;
Demonstrated understanding and use of basic project management methodologies;
Demonstrated experience with security controls, such as support for security reviews and audits;
Excellent interpersonal skills with the ability to communicate effectively verbally and in writing with all levels within the organization, including both technical and non-technical personnel;
Ability to communicate in a simple, clear, and concise manner to the various departments and personnel within the Firm;
Creative thinking and understanding of audience to produce engaging materials in a variety of formats and media, including user guides;
A high degree of independence, integrity and confidentiality;
Demonstrated knowledge of NIST Cybersecurity Framework (CSF); and
Exposure to ISO27001 certification requirements and/or certification maintenance.
Qualifications:
Bachelor's degree (required); and
At least 7 years' work experience in the Information Security sector.
Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.
Eligible employees can participate in the Firm's comprehensive benefits program, which includes the following:
Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
Voluntary 401k plan and profit sharing
10 paid holidays per year, and a generous PTO program
Family Support including Paid Parental Leave and Fertility coverage
Bright Horizons (Back-up child care, elder care and online tutoring)
Dependent Care
Wellness programs (Employee Assistance Program, mental health and well-being events)
Anniversary Bonus Program
Professional Development Programs
Transportation Allowance and Commuter Benefits
Auto/Home/Legal Insurance
Pet Insurance
Employee discounts
And more!