Information Security Analyst

Job Overview

Our client in the Bedminster area of NJ has an excellent opportunity for an Information Security Analyst! You are expected to be in the office one or two days a week.

Responsibilities:

  • Create, update, and maintain the company’s Information Security policies, standards, and procedures, ensuring they are fit for purpose, address regulatory and compliance requirements, are being executed, and remain current. Propose changes to existing policies and procedures when necessary.
  • Support security risk and control assessment activities as part of a control framework implementation and maintenance, identifying potential weaknesses and improving the company’s overall posture and resilience.
  • Identify and assess the probability and potential impact of information security risks. Communicate risk assessment findings to risk owners outside the security program to consistently drive objective decisions about risk treatment.
  • Recommend and coordinate the implementation of technical, administrative, and physical controls to support and enforce defined security policies and standards and coordinate the remediation of identified issues or gaps.
  • Review and process Information Security policy exception requests and track through closure.
  • Provide support and guidance for regulatory compliance efforts, as well as internal and external audits (SEC, ESMA, FCA, GDPR, PCI, SOC2, and others).
  • Conduct third-party vendor security reviews and escalate identified risks. Collaborate with business requestors, service providers, and the Vendor Management department to establish acceptable contracts, control requirements, and service-level agreements.
  • Participate in deployment of security technologies and program enhancements.
  • Implement education programs on security awareness and policy compliance to drive improvements in organizational culture.
  • Monitor and report on technology trends, emerging risk, third-party and vendor risks, regulatory requirements, and compliance with organizational security policies, including the enforcement of policies within the IT department.
  • Support the business by completing customers’ security due diligence questionnaires.
  • Provide support for Privacy program activities, managing the use and protection of personal information.

Requirements:

  • Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or equivalent related technical field.
  • At least 2 years’ experience as an Information Security Analyst.
  • Experience developing and maintaining policies, procedures, standards, and guidelines.
  • Experience with information security risk assessment methodologies.
  • Familiarity with NIST Cybersecurity Framework, NIST 800-53, ISO 27001/27002, CIS CSC, SOC 2, PCI, SOX, GDPR.
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and common controls.
  • Experience in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
  • Ability to thrive in both technical and non-technical aspects of Information Security duties.
  • Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
  • Working technical knowledge of current systems’ software, protocols, and standards.
  • Strong business process knowledge and application of technology solutions.
  • Knowledge of GRC (Governance, Risk and Compliance) systems a plus.
  • Experience working with legal, audit, and compliance staff.