Security Analyst II - 100% Remote

Hi, We have an urgent job opening with our Direct client. Title: Security Analyst II 100% Remote Location: Stamford, Connecticut Duration: 12+ months Description: Title: Analyst, Information Security Governance, Risk and Compliance Location: virtual/remote US Possible contract to hire. Role Summary/Purpose: The Analyst, Information Security Governance, Risk and Compliance will play a key role insafeguarding the organizations systems, networks, and data. The position is responsible for aiding in the design, development, and build of Information Security governance capabilities, participate in the management of these capabilities, and supporting controls. In addition, this role will be responsible for acting as a trusted resource for other analysts in the organization. Essential Responsibilities: Design, develop, Implement and provide ongoing support for a global Information Security Cryptography governance process, to ensure the compliance and effectiveness of various data protection controls, methods, procedures, processes (i.e., ciphers suites, encryption, key/secrets management, PKI, tokenization, transport layer security) Participate as one of several governance leads on team of information security analysts Play a hands-on role in the engineering, implementation, and continuous improvement of governance processes to ensure data protection control objectives are effective Aid in disaster recovery planning and operations and data backups when needed Provide day-to-day administration and support for information security governance needs related to API, application security, firewalls, encryption, intrusion detection systems, PKI, secrets management, vulnerability scanning, security monitoring tools, penetration testing, authentication, web filtering, identity management, or access control systems, and their associated logs and processes Participate in authoring, editing, providing or reviewing documentation (procedures, standards) to ensure a well-managed and mature security infrastructure Works closely with Information Security program manager, scrum master, and architects to convey technical impacts to development/engineering timeline and risks Work independently in identifying opportunities to improve operational or other performance for Security, Information Technology and other functions across Client. Work with Information Security engineers and API developers to drive program delivery Work with Information Security leaders to advance cryptography governance program development, maturity, and standards across the organization Serve as subject-matter expert to other team members in the Information Security organization Perform other duties and/or special projects as assigned Qualifications/Requirements: Bachelor's degree in Computer Science/Engineering or related field OR High School Diploma/GED and a minimum of 4 years or experience in Technology with a minimum of 3 years in Information Security Certifications in audit, cloud, cybersecurity, governance, information security, privacy, risk preferred; AWS, Google Cloud Platform, GIAC, IAPP, ISC2, ISACA Excellent oral communication and writing skills. Adept and presenting complex topics, influencing and executing with timely / actionable follow-through Experience with legal and regulatory compliance standards such as GDPR, PCI DSS, SOX Experience with IT governance, risk, and compliance management in a global environment Experience with IT GRC/IRM platforms (i.e., Oracle, RSA Archer, MetricStream) Familiarity with ISMS and security frameworks, including NIST Cybersecurity Framework Proven ability to organize/manage multiple priorities coupled with the flexibility to quickly adapt to ever-changing business needs Strong analytical and problem-solving skills with the ability to convert information into practical deliverables. Uses rigorous logic and methods to solve difficult problems. Desired Characteristics: Ability to successfully manage working on multiple simultaneous projects Audit, compliance, data privacy, governance, risk background Creativity and individual thinking, and the ability to work both with a team and unsupervised Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure Good teamwork, oral and written communication Good understanding of security landscape as a whole Strong and efficient problem-solving and analytical skills, willingness to learn Information security background Knowledge of modern coding languages such as Python Knowledge of API development Knowledge of CI/CD pipelines Knowledge of encryption concepts, controls, technologies Knowledge of secrets management concepts, controls, technologies Knowledge of tokenization technologies Understanding of various cloud deployment/service models from a development, infrastructure and information security aspect. Regards, Mary Celestina Lead Recruiter Email: US # +1