We are seeking an Information Security Analyst to assist the Director of Information Security with overall security of systems and daily support procedures. The Information Security Analyst has the responsibility of assisting senior staff in the evaluation, development, implementation and operational aspects of policy, standards, procedures and guidelines supporting the company's information security plan, as well as assisting with the process of responding to APEX customer third party security reviews as part of normal security reviews and the Sales RFP process. The Information Security Analyst will also be part of the risk management process and perform gap analysis to assist management in making security decisions.
Monitor and assist in compliance efforts for Statement on Standards for Attestation Engagements (SSAE) and customer compliance and any associated security audits
Develop a thorough understanding of business, systems and processes to provide tailored information security solutions and services, minimizing disruption while maximizing impact
Prepare reports for internal and external clients detailing the security issues, making recommendations and identifying solutions
Coordinate and participate in control deficiency remediation and ensure completion, as required
Monitor and document exceptions to policy to confirm risk statement and assess action plan to mitigate risk
Participate in technology projects to identify information security weaknesses in proposed systems/applications, and assist in development of appropriate solutions based on risk assessment
Assist with cyber security training as necessary
Ensure adherence to critical compliance such as SSAE18 SOC I and II
Identify new ways to protect the organization’s computer systems and networks.
Participate in cloud security reviews and network security assessments
Knowledge of current security risks and protocols
Compliance skills in relation to key legislation such as Health Insurance Portability & Accountability Act (HIPAA), SSAE18, and EU General Data Protection Regulation (GDPR)
Working knowledge of IT Security and compliance including procedures around the following: Change Control and Production Deployment, Auditing and Compliance, Internal IT Audit Controls, Incident Management Procedures and Documentation, Risk Assessments of and by Third Parties, Security Awareness Training
3+ Years of Third Party Security reviews
BS in Computer Science/MIS (or equivalent education/work experience)
CISSP or CISM certification, or working towards one
About APEX Analytix
APEX Analytix is the fastest growing provider of audit technology and services. We currently serve more than 250 companies across all geographies and all industries. Taken together, these companies generate nearly $4.5 trillion in annual revenue, and we do everything we can to help them preserve it.
When you join APEX, you’ll join a globally diverse and respected industry leader. You’ll also become a member of a company culture that encourages positive work/life balance, provides exceptional education, training and developmental opportunities, rewards high achievement, and delivers unsurpassed customer service.