Summary - Onsite Role
Our client, an investment management company in the real estate industry, is looking to add a Cybersecurity Analyst to their IT organization. With a strong background in information security, this individual will be responsible for implementing, monitoring, and maintaining the security of information systems and networks, ensuring protection from cyber threats and unauthorized access. Additionally, this individual will manage all security-related activities associated with hiring and offboarding employees. This position offers an opportunity to work in a dynamic, fast-paced environment.
- Develop, implement, and maintain information security policies, procedures, and guidelines in accordance with industry best practices and regulatory requirements.
- Continuously monitor and analyze the firm’s networks and systems for potential security vulnerabilities, threats, and incidents.
- Perform regular security assessments, vulnerability scanning, and penetration testing to identify and remediate security risks.
- Respond to and investigate cybersecurity incidents, including providing necessary support to incident response and disaster recovery efforts.
- Collaborate with internal and external stakeholders to ensure the security of data, systems, and networks.
- Implement and manage security tools, such as firewalls, intrusion detection systems, encryption, and endpoint security solutions.
- Compliance with all applicable regulations and industry standards, including SEC, FINRA, and other regulatory requirements.
- Conduct regular security awareness training for employees to promote a strong security culture within the organization.
- Stay informed about emerging threats, vulnerabilities, and trends in the cybersecurity landscape and recommend appropriate countermeasures.
- Prepare and present reports on the status of the firm’s information security posture to management and other stakeholders.
- Manage security-related activities during employee onboarding and offboarding, including access provisioning and deprovisioning, and ensuring that access control policies are followed.
- Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
- Minimum of 5 years of experience in information security or cybersecurity, preferably within the financial services industry.
- Strong knowledge of information security frameworks and standards, such as NIST, ISO 27001, and CIS Critical Security Controls.
- Familiarity with regulatory requirements and industry standards for investment advisory firms, including SEC and FINRA regulations.
- Experience with security tools and technologies, such as firewalls, intrusion detection/prevention systems, encryption, and endpoint security solutions
- Strong Experience with Okta access control and identity management platform.
- Strong analytical, problem-solving, and decision-making skills.
- Excellent communication and interpersonal skills, with the ability to work effectively both independently and as part of a team.
- Relevant professional certifications (e.g., CISSP, CISM, CEH, or CompTIA Security+) are highly desirable.