remote
Information Security Analyst - S R International Inc
Security Engineer
Seasoned Information Security Analyst to drive risk assessments, security audits, compliance programs, and policy development within a GRC framework, leveraging ISO 27001 and vulnerability management best practices.
About the role
Key Responsibilities
- Conduct comprehensive risk assessments and security audits across enterprise systems and applications.
- Develop, maintain, and enforce information security policies, standards, and procedures aligned with ISO 27001 and NIST frameworks.
- Support the Governance, Risk, and Compliance (GRC) team in tracking remediation activities and reporting risk posture to senior leadership.
- Coordinate and execute vulnerability scanning, analysis, and remediation verification.
- Assist with incident response planning, including root‑cause analysis and post‑incident reporting.
Requirements
- 3+ years of experience in information security, risk assessment, or GRC roles.
- Hands‑on experience with security audit methodologies and vulnerability management tools.
- Strong knowledge of ISO 27001, NIST, and related compliance frameworks.
- Excellent written and verbal communication skills for policy development and stakeholder interaction.
- Relevant certifications such as CISSP, CISM, or ISO 27001 Lead Implementer preferred.