Information Security Analyst in Waltham, MA

Commonwealth Financial Network   •  

Waltham, MA 02454

Industry: Finance & Insurance


5 - 7 years

Posted 56 days ago


Are you an organized, action-oriented team player? Someone who is adept at prioritizing his or her daily work while supporting multiple initiatives? Do you have strong communication skills with a natural ability to focus on the customer's needs?

As part of our Information Security team, you will be helping to ensure that the company's information resources are secure from unauthorized access and protected from inappropriate alteration, while supporting the needs of Commonwealth users. Doing so will have you operating as an in-house consultant, responsible for designing, implementing, supporting, and maintaining policies and security solutions in both operational and customer-hosted environments.

Key responsibilities

  • Working as part of a team, assisting with ongoing, hands-on configuration and management of current and future security technologies
  • Responding to information security incidents and requests including malware analysis, reviewing logs and security alerts, handling security tickets, and performing the incident response
  • Conducting user security awareness sessions and trainings for home office employees and clients
  • Assisting in the management and deployment of information security solutions and technology
  • Assisting with the development, implementation, and enforcement of program policies, standards, procedures, processes, and guidelines
  • Acting as a subject matter expert by responding to internal and external customer inquiries regarding the company's information security practices
  • Assisting with the identification, assessment, and remediation of information security risks across the enterprise with the goal of reducing them to business-acceptable levels
  • Acquiring and continually growing your knowledge on a variety of information security concepts, best practices, control frameworks, and applicable existing and new legal/regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.)
  • Providing direction and advice in technical areas such as conducting risk assessments, evaluating security solutions, reviewing SOC2 and related reports from third-party vendors, and recomending methods for testing controls
  • Providing consultative advice to the business on information security governance-related questions and issues

Core strengths

  • Bachelor's degree in information systems or a related discipline, or equivalent training
  • 5+ years of related work experience in an information security role
  • Ability to develop positive relationships and effectively communicate with employees, customers, auditors, business partners, and all levels of management
  • Strong technical and analytical skills
  • Ability to work on several projects/tasks simultaneously while maintaining attention to detail and deadlines
  • Ability to flex, stay positive, and adapt quickly to changing business models, project requirements, and technologies
  • Strong communication, consultative, influencing, and presentation skills
  • Familiar with information security technologies (DLP, MDM, IAM, SIEM, etc.) highly desired
  • GIAC, CEH, Comptia cysa+, Security+, or similar security certification desired

Valid Through: 2019-11-12