Share this Job

Sr. Information Security Analyst

Date: Jan 7, 2022

Location: Remote, IN

Company: Syniti

Syniti is an innovative, global leader in Enterprise Data Management. With smart and powerful resources like our award-winning software platform and premier consultants, Syniti helps the world’s top enterprises create unique advantage and value with their data. Whether the goal is bringing new products to market faster, accelerating time-to-value for a new ERP system or corporate acquisition, powering new AI/ML initiatives, or increasing profitability by eliminating inefficiencies, Syniti ensures your business’s data is a high-performing and trusted asset. Syniti is also a preferred data solution used by the world’s top system integrators, and a portfolio company of BridgeGrowth Partners LLC. Headquartered in Boston, Massachusetts with offices in 25 countries around the world, Syniti operates in all global regions and industry verticals, and maintains a 100% client success rate across thousands of complex data projects and initiatives.

Senior Information Security Analyst

 

 

About Syniti: Syniti enables agile enterprises with silo-free enterprise data management that helps turn complex data challenges into competitive advantages.

 

With a unified, learning platform and one of the world’s largest teams of data-focused experts, enterprises and global alliance partners choose Syniti when they require trusted data to ignite business growth and reduce risks.

 

Headquartered in Boston, Massachusetts with offices in 25 countries around the world, Syniti operates in all global regions and industry verticals, and maintains a 99.7% client success rate across thousands of complex data projects and initiatives.

 

Summary: The Information Security Analyst will be a key member of the technical team responsible for global governance, risk, and compliance at Syniti. This individual will work closely with the engineering, product, legal, customer success, marketing and sales teams, as well as internal and external auditors to promote security and compliance best practices and provide comprehensive data governance. They will be responsible for performing strategic analysis of available information, participating in field audits and enforcement, leveraging technical expertise and partnering with colleagues, as needed. The position will also act as a technical resource across the larger organization and external partners.

 

Essential Duties & Responsibilities:

  • Conduct information security risk assessments; identify, investigate, and document potential security exposures; propose control activities or solutions to mitigate risk including compensating controls; assist implementing approved procedures and products.
  • Identify and evaluate risks to technology and architecture to ensure security and compliance with corporate policies, standards, and applicable frameworks and regulatory requirements; collaborate with business to implement controls and secure solutions.
  • Lead and facilitate pre-audit analysis and gap assessments.
  • Lead and initiate information security audits, risk assessments, and other governance and compliance actions as necessary.
  • Lead and facilitate Third Party Risk Management (TPRM) for critical and non-critical vendors and provide guidance to the respective teams on implementation.
  • Lead and initiate security reviews of new products and services and as part of TPRM.
  • Champion and initiate information security awareness and education for staff.
  • Research and monitor changes in regulatory, statutory, or contractual requirements that impact Syniti’s information security program; stay abreast of industry and trending topics to respond to emerging cyber threats.
  • Review and respond to customer questionnaires, legal reviews of contracts or security addendums, and assist sales team with RFI and RFP work as needed.
  • Maintain industry awareness and knowledge in core information security & risk topics by participating in professional associations, attending educational workshops, reviewing professional publications, and self-learning opportunities.
  • Other duties as assigned.

 

Essential Skills and Experience:

  • 8+ years in information security, at least 2 years specific to governance, risk, or compliance responsibilities.
  • Extensive knowledge of ISO 27001:2013, 27002, NIST 800-53, and SOC 2 frameworks.
  • Strong familiarity with PCI-DSS, HIPAA, GDPR, CCPA, FedRAMP, International Privacy Requirements including EU Privacy and Safe Harbor.
  • Demonstrated understanding of agile and DevOps secure software development lifecycle and ability to distinguish the core inputs and outputs in each cycle.
  • Working knowledge of cloud architectures and platforms such as AWS/Azure/GCP.
  • Ability to work professionally with auditors and customers.
  • Experience working with a GRC platform or tool.
  • General proficiency and knowledge of cybersecurity tools such as SIEM, vulnerability management, EDR, anti-malware, NIDS/HIDS, firewalls, and others.
  • Ability to demonstrate critical thinking, problem solving, and decision making with professional poise.
  • Ability to self-motivate and work independently.
  • Ability to work with people from many different disciplines and cultures with varying degrees of technical aptitude.
  • Attention to detail and a thorough approach to problem-solving.
  • Able to quickly synthesize business and information security intersecting needs; ability to prioritize competing projects.
  • Ability to work autonomously on multiple projects with a geographically distributed team.
  • Strong written and verbal communication skills.

 

 

Desirable Skills and Experience:

  • Certifications in information security, audit, or risk management such as: CISA, CGEIT, CRISC, CISSP, ISO 27001:2013 Lead Auditor/Implementer or related.
  • Familiarity with cloud architectures and services and common cybersecurity risks.
  • Experience performing internal or external audits.

 

Hours:  12:30pm to 9:30pm IST M-F and as necessary

Syniti is proud to be an equal opportunity employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.