Cyber Security Risk Analyst

Andover, MA · Information Technology
About the Company:  
The company was founded in 1874 on the belief that water boilers in textile mills shouldn't explode. What started with a pressure relief valve in a tiny New England machine shop has paved the way for today's high-quality, worldwide water solution technologies. From melting ice on entire city blocks from the ground up to filtering safe drinking water in isolated weather disaster zones, the company makes the world a safer and cleaner place.

The company is a global leader in quality water solutions for residential, industrial, municipal, and commercial settings. Its family of brands offers one of the most varied product lines in the world, with world-class, water-related solutions focused on:
  • Drainage
  • HVAC and Hot Water
  • Plumbing & Flow Control
  • Water Quality & Rainwater Harvesting

Main Responsibilities: 
  • Figure out inherent risks of current and prospective third-party products, services and data partnerships
  • Design and execute third-party security assessments and prioritize control remediation as appropriate
  • Review processes and build metrics that help educate internal organizational leaders on their third parties’ information security profiles
  • Demonstrate strong knowledge in IT controls, risk assessments, gap assessments and the design and testing of security controls
  • Support the organization’s InfoSec and data privacy policy, procedures and controls
  • Work with external audit teams for NIST, PCI, SOC and other audits

Required Qualifications:
  • Bachelor’s degree in Information Security, Computer Science, Management Information Systems or related field preferred.
  • Professional certifications in Information Security or Risk Management (e.g., CTPRA, CTPRP, CISA, CISM, CRISC, or CISSP)
  • Minimum 5+ years of related work experience in Information Security GRC or relevant Audit or Compliance roles.
  • Familiar with information security frameworks (e.g., ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust Principles, PCI DSS, NIST 800-53/CSF).
  • Prior experience with conducting and analyzing security risk assessments in complex organizations.
  • Experience with enterprise security monitoring and vulnerability scanning tools (e.g., Nikto, Netsparker, Nexpose, Qualys or OpenVAS)
  • Experience organizing tabletop exercises for disaster recovery and incident response
  • Flexible, adaptable, and able to work easily with other people in a collaborative team environment.
  • Able to communicate relevant information clearly and concisely both verbally and in writing.
  • Able to work independently on multi-task assignments in a fast-paced environment with a high sense of urgency.

April A. Estes
ProEnlist, LLC

Please do NOT email the recruiter.  Applications are only accepted via the apply link.
C2C Not Available for This Position