Job Description
Job Description
We are looking for a highly skilled Sr. Information Security Analyst to join our team in Springfield, Massachusetts. In this long-term contract position, you will play a pivotal role in safeguarding sensitive information, managing security risks, and ensuring compliance with industry standards and regulations. This role requires a proactive approach to identifying vulnerabilities, responding to incidents, and implementing robust security measures that align with organizational goals.
Responsibilities:
• Collaborate with various departments to assess and manage information security risks while ensuring compliance with regulatory requirements.
• Provide expert advice and leadership on security projects, including the evaluation, development, and integration of security technologies.
• Lead efforts in managing security incidents, conducting digital forensic investigations, and ensuring timely containment and notification.
• Perform comprehensive audits and assessments to identify vulnerabilities, monitor threats, and address anomalous activities.
• Stay informed of emerging trends in IT security and privacy to continuously improve organizational defenses.
• Develop and update policies, standards, and procedures to mitigate security risks and enhance compliance frameworks.
• Partner with internal and external stakeholders to address risk management and privacy concerns.
• Create and maintain documentation, training materials, and performance metrics to support the overall security program.
• Monitor and optimize security controls across network, cloud, and system environments to prevent potential intrusions.
• Extensive experience in security governance, risk management frameworks, and regulatory compliance (e.g., NIST, ISO 27001, PCI-DSS, HIPAA, FERPA).
• Proven ability to lead enterprise-level security initiatives and manage complex projects.
• Strong analytical skills to evaluate security risks and implement effective mitigation strategies.
• Technical proficiency in system, network, and cloud security, as well as incident management and intrusion detection.
• Hands-on experience in computer incident response, including investigations, containment, and remediation.
• Excellent communication skills to work collaboratively with diverse teams, including both technical and non-technical stakeholders.
• Ability to prioritize and manage multiple tasks in a dynamic, fast-paced environment.
• Relevant certifications such as CISSP, and expertise with tools like Azure Sentinel, Microsoft Defender, and SIEM systems.