BostonRecruiter Since 2001
the smart solution for Boston jobs

Compliance & Risk Analyst

Company: Ceres Group
Location: Boston
Posted on: September 25, 2022

Job Description:

Join a global compliance team for one of Boston's leading Asset Management Firms. This role will report to the Manager of IT Security and is part of the IT Production Control & Risk Management group. The IT Security Risk Analyst is a member of the IT Security Risk & Audit team, and has project, audit, reporting, and documentation responsibilities. The individual also assists with staff action processing and security incident management, as well as day-to-day security support and operational tasks.

Primary Responsibilities:

* Participates in IT security project management
* Generates and analyzes application, SQL, file system access audit documentation
* Performs access analysis for staff actions (onboarding/transfers/terminations)
* Assists in data classification & protection projects
* Manages email security functions
* Participates in weekly meetings with other internal risk management teams
* Supports the definition and implementation of security policies & procedures
* Maintains documentation for processes and procedures
* Identifies and supports quality improvement initiatives
* Assists in performing product evaluations in support of data security initiatives
* Performs IT security risk assessments of both new and existing in house and vendor based systems
* Contributes to company standards and policies related to IT security risks
* Maintains broad knowledge of best practices and trends in the field of Information Security
* Supports vulnerability management processes
* Assists in the adoption of new tools, processes and policies to enhance the firm's security posture
* Performs various duties around the formation, delivery and maintenance of the firm's Information Security Awareness and Communication Program
* Provides after-hours coverage for Security Events and Incident Response
* Provides technical security support to Business Areas and IT staff on products, projects, applications and services as required
* Participates and lead incidents as part of the Information Security Incident Response Team (ISIRT)
* Participates in Information Security meetings and activities as required
* Performs any and all other assigned Information Security Program tasks and functions
* Provides cross functional support for RFP generation by defining the security and compliance responses to appropriately address customer needs and leveraging the expertise of others to support
* Assists in workflow enhancement for various supporting processes

Required Skills:

* Undergraduate with 3-5 years related experience, or graduate degree with information security specialization
* Strong written and verbal communications and interpersonal skills
* Motivated and passionate about learning and developing your skills
* Strong knowledge of information risk and security principles and practices
* Understanding of various processes and regulatory standards including: MA Privacy Law 201 CRM 17.00, NIST Standards, SEC Standards; Risk Assessment Methodologies; Audit; Incident Response & Forensics
* Familiarity with Microsoft Active Directory
* Experience working with Active Directory and relevant operating system security (Windows, Linux, etc.)
* Experience with the following is desired: CMDB, SIEM, data leakage prevention and eDiscovery technologies, Varonis DatAdvantage
* A security-related certification would be a plus (CISSP, CISM, CISA, etc.)


Keywords: Ceres Group, Boston , Compliance & Risk Analyst, Professions , Boston, Massachusetts

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Massachusetts jobs by following @recnetMA on Twitter!

Boston RSS job feeds