Job Description
Job Description
We are looking for a highly skilled Sr. Information Security Analyst to join our team in Springfield, Massachusetts. In this long-term contract position, you will play a pivotal role in safeguarding sensitive information, managing security risks, and ensuring compliance with industry standards and regulations. This role requires a proactive approach to identifying vulnerabilities, responding to incidents, and implementing robust security measures that align with organizational goals.
Responsibilities :
- Collaborate with various departments to assess and manage information security risks while ensuring compliance with regulatory requirements.
- Provide expert advice and leadership on security projects, including the evaluation, development, and integration of security technologies.
- Lead efforts in managing security incidents, conducting digital forensic investigations, and ensuring timely containment and notification.
- Perform comprehensive audits and assessments to identify vulnerabilities, monitor threats, and address anomalous activities.
- Stay informed of emerging trends in IT security and privacy to continuously improve organizational defenses.
- Develop and update policies, standards, and procedures to mitigate security risks and enhance compliance frameworks.
- Partner with internal and external stakeholders to address risk management and privacy concerns.
- Create and maintain documentation, training materials, and performance metrics to support the overall security program.
- Monitor and optimize security controls across network, cloud, and system environments to prevent potential intrusions.
- Extensive experience in security governance, risk management frameworks, and regulatory compliance (e.g., NIST, ISO 27001, PCI-DSS, HIPAA, FERPA).
- Proven ability to lead enterprise-level security initiatives and manage complex projects.
- Strong analytical skills to evaluate security risks and implement effective mitigation strategies.
- Technical proficiency in system, network, and cloud security, as well as incident management and intrusion detection.
- Hands-on experience in computer incident response, including investigations, containment, and remediation.
- Excellent communication skills to work collaboratively with diverse teams, including both technical and non-technical stakeholders.
- Ability to prioritize and manage multiple tasks in a dynamic, fast-paced environment.
- Relevant certifications such as CISSP, and expertise with tools like Azure Sentinel, Microsoft Defender, and SIEM systems.