Information Security Analyst - W2

Job Title: Information Security Analyst

Location: New York, NY (Hybrid)

Duration: 12+ months

Summary

We are seeking an application security governance analyst to join and help establish and maintain effective governance practices within the application security vertical of Cybersecurity. The ideal candidate will have a strong background in application security, risk management, compliance, and governance framework, vulnerability assessments and remediation, data analysis, and reporting to help enhance our security posture through data-driven insight.

This position will be responsible for assisting in mitigating risks in our applications, enhancing policy and procedures, maintaining, and improving metrics, reports, and dashboards to measure the effectiveness of our Application Security Program.

Required Qualifications

• Knowledge of SDLC and experience with secure coding practices.
• Strong analytical skills with key attention to detail.
• Proficiency in data manipulation and visualization tools such as Jira, Excel, Tableau, Power BI.
• Strong analytical and problem-solving skills with attention to details.
• Knowledge of Cybersecurity Framework.
• Working knowledge of industry standards and regulatory requirements for financial institutions (FFIEC guidance, OCC circulars, NIST standards, etc.).
• Excellent communication skills with the ability to present complex information to senior management and non-technical audiences.
  
  

Responsibilities

• Participate in developing and implementing application security governance processes.
• Participate in the design and implementation of security controls and measures to protect applications from threats.
• Conduct regular reviews of application security controls to identify gaps and areas of improvement.
• Develop and maintain Application Security reports and dashboards to track KRIs and KPIs.
• Analyze data from various security tools and systems to identify trends and anomalies.
• Develop Requirements for new metrics.
• Coordinate responses to regulatory examiners, auditors, and risk management inquiries.
• Collaborate with cross-function teams to define metrics and ensure data accuracy.
• Participate in developing a communication strategy for application security teams and stakeholders.
  
  

Compensation: From $50.00 to $60.00 per hour