Risk and Compliance Analyst

SUMMARYSeeking someone passionate about information security and customer service to assist customers in meeting their cybersecurity regulatory and legal requirements. Analysts will work with customers to develop formalized information security policies, analyze the efficacy of current policies and procedures, evaluate the risks posed by third-party providers, provide security awareness training to clients, and provide insight into cybersecurity regulations. Analysts also lend their expertise to internal initiatives related to cybersecurity governance and compliance.JOB RESPONSIBILITIESCoordinating and working with clients to develop formalized Written Information Security Programs (WISPs).Performing cybersecurity due diligence assessments on client vendors.Assisting clients in meeting regulatory requirements via policy review and testing (e.g., incident response tabletop exercises).Coordinating with other analysts and engineers as part of vCISO advisory services.Providing customized end-user security awareness training via presentations and simulated phishing campaigns.Researching and keeping up to date with financial services, U.S. healthcare, and data privacy requirements, including DORA, FCA, CCPA, GDPR, HIPAA, FINRA, DFSA, CSSF, and NYDFS.Performing compliance information security gap assessments for various regulations and frameworks (NIST CSF, CIS CSC v8, HIPAA, PCI-DSS, etc.).QUALIFICATIONSOne to three years of experience in an IT, cybersecurity, or GRC-related field (preferred).Preferred certifications: CompTIA Security+, ISC2 CC, OCEG GRCP.Knowledge of Secure Software Development Life Cycle (SSDLC) practices is a plus.Basic operational capabilities for the Office 365 stack (Microsoft Word, Excel, Outlook).Strong ability to direct self-work with excellent organizational and time management skills.Excellent verbal and written communication skills, especially when communicating technical concepts to non-technical audiences.Critical and creative thinking to strategize how to add value to customer engagements and improve processes.Exceptional spelling and grammar skills for writing and proofreading documents.Ability to remain flexible as processes continuously improve.JOB REQUIREMENTSShould be willing to accept a long-term work-from-home arrangement.Should be amenable to a permanent night shift schedule.