Info Security Governance Analyst

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.The Information Security Governance Analyst is responsible for multiple information security-governance, risk, and compliance- related activities. This includes reviewing the security posture of vendors, coordination of information security audit activities, supporting and client due diligence by responding to client security questionnaires, requests for proposal, and requests for information. Responsibilities include managing information security program and security awareness documentation and content.Essential DutiesAudit & Assessment Liaison Activities: Liaise, plan and coordinate information security audits including coordination with auditors and control owners. Liaise with auditors to gather and evaluate evidence for information security audits, drive remediation efforts and report on potential risks. Conduct mock-audits and control reviews. Communicates the effectiveness of security controls to leadership.Perform Vendor Due Diligence: Review the security posture of vendors and third parties. This includes reviewing responses to vendor security questionnaires, writing assessment reports, and communicating risks to the Line of Business contacts.Provide Client Due Diligence Support: Respond to and complete client security questionnaires, requests for proposal, and requests for information.Manage Information Security Program Documentation: Review and update information security policy, standards, procedures and related documentation. Provide subject matter expertise in the areas of security policies, standards and related compliance.Manage Security Awareness Content: Manage phishing tests, coordinate updates to security awareness course content, periodic articles and report / escalate delinquencies. Minimum QualificationsEDUCATION/CERTIFICATIONSRequired:Bachelor’s degree in cyber security, information systems, or related field or equivalent level of experienceRequired:TECHNICAL/SOFT SKILLSCritical and structured thinking, formal analytic methodsSolid understanding of security applied to OS, applications, networking, cloud, mobile, etc.Ability to perform under pressure and handle multiple prioritiesAbility to self-motivate and work independentlyStrong organizational skills ExperienceRequired:2+ years information security experience1+ years experience performing vendor security assessments / vendor due diligencePreferredExperience responding to client due diligence inquiriesRequired:COMMUNICATION SKILLSRequired: Excellent written and oral communicationPreferred: Ability to translate technical terms into layman’s termsAt RSM, we offer a competitive benefits and compensation package for all our people.  We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients.  Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits   https://rsmus.com/careers/el-salvador.html.RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Salvadoran Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.