The Role
Provide GRC support to clients: develop Written Information Security Programs, perform vendor due diligence and gap assessments, assist with regulatory compliance and tabletop exercises, deliver security awareness training and simulated phishing, and support vCISO advisory and internal cybersecurity governance initiatives.
Summary Generated by Built In
SUMMARY
We are seeking someone passionate about information security and customer service to assist customers in meeting their cybersecurity, regulatory, and legal requirements. Analysts will work with customers to develop formalized information security policies, analyze the effectiveness of current policies and procedures, evaluate the risks posed by third-party providers, provide security awareness training to clients, and offer insight into cybersecurity regulations. Analysts also lend their expertise to internal initiatives related to cybersecurity governance and compliance.
We are seeking someone passionate about information security and customer service to assist customers in meeting their cybersecurity, regulatory, and legal requirements. Analysts will work with customers to develop formalized information security policies, analyze the effectiveness of current policies and procedures, evaluate the risks posed by third-party providers, provide security awareness training to clients, and offer insight into cybersecurity regulations. Analysts also lend their expertise to internal initiatives related to cybersecurity governance and compliance.
JOB RESPONSIBILITIES
- Coordinate and work with clients to develop formalized Written Information Security Programs (WISPs).
- Perform cybersecurity due diligence assessments on client vendors.
- Assist clients in meeting regulatory requirements through policy reviews and testing (e.g., incident response tabletop exercises).
- Coordinate with other analysts and engineers as part of vCISO advisory services.
- Provide customized end-user security awareness training through presentations and simulated phishing campaigns.
- Research and stay up to date with financial services, U.S. healthcare, and data privacy requirements, including DORA, FCA, CCPA, GDPR, HIPAA, FINRA, DFSA, CSSF, and NYDFS.
- Perform information security compliance gap assessments for various regulations and frameworks (e.g., NIST CSF, CIS CSC v8, HIPAA, PCI-DSS).
QUALIFICATIONS
- 1–3 years of experience in an IT, cybersecurity, or GRC-related field (preferred).
- Preferred certifications: CompTIA Security+, ISC2 CC, and OCEG GRCP.
- Knowledge of Secure Software Development Life Cycle (SSDLC) practices is a plus.
- Basic operational proficiency with the Microsoft 365 suite (Microsoft Word, Excel, and Outlook).
- Strong ability to work independently, with excellent organizational and time management skills.
- Excellent verbal and written communication skills, especially when communicating technical concepts to non-technical audiences.
- Critical and creative thinking skills to identify opportunities to add value to customer engagements and improve processes.
- Exceptional spelling and grammar skills for writing and proofreading documents.
- Ability to remain flexible as processes continue to evolve.
JOB REQUIREMENTS
- Should be willing to accept a long-term work-from-home arrangement.
- Should be amenable to a permanent night shift schedule.
Skills Required
- 1-3 years experience in an IT, Cybersecurity, or GRC-related field
- CompTIA Security+ certification
- ISC2 CC certification
- OCEG GRCP certification
- Knowledge of Secure Software Development Life Cycle (SSDLC) practices
- Basic operational capabilities for the Office 365 stack (Microsoft Word, Excel, Outlook)
- Strong ability to self-direct work with excellent organizational and time management skills
- Excellent verbal and written communication skills for non-technical audiences
- Critical and creative thinking to add value to customer engagements and improve processes
- Exceptional spelling and grammar skills for writing and proofreading documents
- Ability to remain flexible as processes continuously improve
- Willingness to accept a long-term work-from-home arrangement
- Amenable to a permanent night shift schedule
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
ScalableOS is an expert offshoring company that connects growth-focused businesses with exceptional global talent, providing tailored offshore staffing solutions to enhance business efficiency and drive growth.







