"Alerted.org

Job Description

The Information Security Compliance Analyst I supports cybersecurity compliance and risk management matters, working closely with IT members, business partners, and internal and external auditors and regulators. This position impacts James River’s security posture, including contributing to cybersecurity policy development & awareness, identity & access management, and data governance initiatives. The target pay rate for this position is between $40-48/hr and is based on years of experience.

Duties and Responsibilities

• Continuously exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer Service

• Maintain, and refine cybersecurity risk management practices using established frameworks such as NIST CSF and ISO 27001

• Assist with the creation and maintenance of information security policies, standards, procedures, and guidelines

• Preparation and review of control narratives and descriptions

• Maintenance of risk registers and risk/control matrices

• Assist with the planning and execution of Data Governance and other security programs

• Maintain performance metrics for the Security program

• Utilize security compliance tools and identify opportunities for improvements and reporting

• Collaborate with the security team, IT, and business partners to document security controls, identify gaps and implement new controls

• Performance of security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained

• Partner with internal and external auditors and regulators to demonstrate cybersecurity compliance and build attainable plans to remediate deficiencies

• Assist in the planning and testing of cybersecurity incident response activities, including coordination with internal stakeholders

• Keep abreast of current threats and vulnerabilities and alert IT and Information Security teams

• Maintain awareness of information security best practices and evaluate their applicability to James River

• Stay current with latest changes in external cybersecurity compliance initiatives that may affect the organization’s external requirements

• Drive security awareness activities to improve business and IT security knowledge and practices

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

- Bachelor's in IT, IS, Computer Science, etc

- 2+ years of related (general cybersecurity) experience in a professional setting (work and/or internships)

- Excellent written and verbal communication skills

- Knowledge of NIST CSF and ISO 27001 security frameworks Certifications (Security+, CISA, or equivalent) strongly preferred