Information Security Analyst I

Smarsh takes security very seriously. The Information Security Analyst I works with teams to design, deploy, and maintain secure software and business processes. The work includes partnering with a variety of business units to establish repeatable risk management processes and policies in alignment with appropriate industry standards. The role works with external auditors and customers to assess and demonstrate the effectiveness of controls and to re-design controls where necessary to achieve our goals.

What will you bring?

• Conduct Due Diligence / RFP Security Questionnaire Response and annual response quality certification.
• Gain proficiency in Smarsh products knowledge for compliance evidence and audits.
• Support InfoSec GRC leader to develop the ISO27001 program strategy, charter, and ISMS Manual.
• Support technical risk reporting based on monitoring internal and external vulnerabilities, ensuring timely resolution, and creating vulnerability assessment reports
• Test and manage vendor risk assessment tools and processes
• Contribute to establishing an Information Security Policy program for ISO27001 ISMS audits and assisted in developing an ISMS reporting dashboard for the council.
• Supported the launch of firm-wide cybersecurity awareness training and reported on completion metrics
• Helped support the Smarsh Business Continuity Charter, Strategy, Program, and Test planning across products and Corp IT.
• Help develop performance metrics and a Risk reporting dashboard.

What will you bring?

• 1+ years of Information Security professional experience.
• Bachelor's degree is desired.
• Demonstrated experience of being an effective team player.
• Demonstrated successful experience with risk assessment and vendor management tasks.
• Experience producing reporting.
• Have built a network of peers in their field and have various industry experiences.
• Be able to share their knowledge of the relevant regulatory environment and clearly articulate risk management concepts and the process of risk assessments.
• Data analytical skills and know where to seek Information Security risk reporting guidance.
• Can highlight situations when their ethics were strengthened by experiences.
• Be able to prove their effectiveness as a team player.
• Have curiosity about how we protect information.

$85,000 - $105,000 a year

The above salary range represents Smarsh's good faith and reasonable estimate of the range of possible base compensation at the time of posting. Any applicable bonus programs will be discussed during the recruiting process.

The salary for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, location, specialty and training.

Local cost of living assessments are done for each new hire at the time of offer.