Cybersoft Technologies Company Profile

Information Security Analyst at Cybersoft Technologies (Houston, TX)

About the Employer

Job Description

Cybersoft is seeking an Information Security Analyst to join our growing IT organization. As a member of the IT team, you will establish security policies, standards, methodologies, and processes. You will also be responsible for executing assessments to ensure compliance with internal and external requirements, identifying risks, and communicating the identified risks to the stakeholders. You will be the subject matter expert for Security Governance, Risk, and Compliance.ResponsibilitiesReview, audit, monitor, and analyze security risks and vulnerabilities against policies, standards, and frameworks such as ISO, SOC, PCI, etc.Work with cross-functional team members to identify improvement opportunities and providing feedbackIdentify, document, and maintain security control matrixManage remediation efforts and track completion status of deficienciesManage the implementation of security governance by leading the process of governance, administration and maintenanceInteract with sales, engineering and product teams to ensure security capabilities and controls are in place and meet relevant regulatory requirements and best practicesReview, develop, execute and maintain Information security policies and standardsProvide security compliance requirements into cloud solutions design and architecture to ensure it is incorporated early in the processPerform cloud security and compliance assessments at all levels of the infrastructure, platform and software by utilizing established security frameworksDemonstrate the understanding of software development lifecycle (SDLC) and security related processesFamiliarity with one or more industry security compliance frameworks and/or regulations (ISO27001/2, PCI, HIPAA, FedRAMP, SOX, SOC 2, and GDPR)Stay abreast of the latest changes in regulatory and security practices, issues and technologiesConduct risk assessment reviews to identify risks and recommend remediation based on security best practicesAbility to interpret and communicate technical terms to non-technical audienceImplement and recommend security controls based on ISO27001/2 frameworkDeveloping risk mitigation strategies for identified vulnerabilitiesRequirements3 or more years of experience in the Information Security, risk assessment, compliance, audit, security practices/solutions/methods, etc. i.e. SOC2, SOX, PCI, GDPR, etc.Understanding of business processes, internal controls, risk management, IT controls and related standards.Fundamental understanding of security domainsExperience in assisting in building Governance, Risk and Compliance (GRC) practiceThorough knowledge and understanding of current information risk assessment techniques requiredStrong analytical and organizational skills with demonstrated ability to plan and manage projects along with ensuring deliverables meet work plan specifications and deadlinesShould be a self-starter and lead the risk analysis in assigned areas with minimum supervisionStrong technical and/or management background in technical systems/environmentsStrong written and verbal communication skillsCertification preferred (CISSP, CISM, CISA, etc.)Interested candidates please apply online or submit your resume to: careers@cybersoft.netPlease apply ONLY if you live or can relocate WITHIN 30 MINUTES from the corporate office location**Cybersoft is a leading provider of innovative business software solutions, information technology and consulting services. At Cybersoft, our aim is to apply our experience and industry leadership to meet and to exceed our customers expectations and deliver consistently high-value benefits and value for our customers.