Senior Information Assurance Analyst

The Company

Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand.  Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders.  We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.

The Role

The Information Assurance (IA) Analyst is responsible for leading task execution and collaborating with other IA analysts on various IA services and engagements. This position acts as a senior resource for Information Assurance services and client engagements. Responsible for performing work and holding junior IA Analysts accountable to client commitments.

What You'll Do

• Live by the NuHarbor corporate values: Protect the House, Help Clients Win, Always Improve.
• Serves as an Information Assurance resource for ongoing engagements and act as a senior level resource for clients.
• Perform portions of work tasks related to the service engagement with little oversight from leadership.
• Leads execution of deliverables for assessments and advisory services against industry accepted control frameworks.
• Records observations, meeting notes, and identifies recommendations during client’s engagements.
• Independently prepares for client engagements by conducting research, disseminating templates, and client communications.
• Leads client interviews and information gathering steps during client engagements.
• Customizes technical and security documentation templates.
• Evaluates security framework and compliance requirements.
• Performs collaboratively and independently executes on all IA service types including but not limited to risk assessments, assessments against control frameworks, incident response plans and testing, security documentation development, plan of action and milestone development and management and third-party risk assessments.
• Performs quality assurance checks for junior analysts.
• Synthesize and interpret security framework and compliance requirements.

Your Foundation. The requirements for this role: 

• Bachelor’s degree and two (2) years of experience. Experience should be in a cybersecurity field and should include relevant industry certifications.
• Typical Degrees: Computer Science, Information Technology, Cybersecurity, Data Analytics, Mathematics, or related field(s).
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
• Two (2) years of experience performing Risk Assessments, Assessments against control frameworks, Incident response plans and testing, security documentation development, Plan of Action and Milestone development and management and third-party risk assessments.
• Demonstrated ability to perform all phases of Risk Assessments, Assessments against control frameworks, Incident response plans and testing, security documentation development, Plan of Action and Milestone development and management and third-party risk assessments.
• Knowledgeable about the latest Information Security trends, threats, and technologies and the impacts upon an Information Security Program
• Demonstrated experience working on project deliverables independently as well as within a team setting.
• Candidates who have experience and can demonstrate knowledge of the following Security frameworks: NIST 800-53, NIST CSF, CIS Top 18 ISO 27001.
• Excellent written and verbal communication skills with strong presentation abilities.
• Ability to convey and translate complex and technical topics in an easy-to-understand manner.
• Ability to manage and prioritize multiple concurrent tasks and projects.
• Ability to perform effective research and analysis through interviews and document review.
• Must be a citizen of the United States.

Additional Capabilities that will differentiate you for this role: 

• Experience with professional services and delivering on client engagements.
• Holds an industry accepted relevant certification such as Security+, CISM, CISA, CRISC, CISSP, CCSP.

The Rewards

What you can expect:

• The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
• An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self.

You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.

We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win.  If this sounds like the kind of organization you’d like to be a part of, we‘d like to hear from you.

AAP/EEO Statement

The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.

NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability.  We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.