Five Rivers IT, Inc.

IT Security Compliance Analyst 
At Five Rivers IT, we build and service reliable IT infrastructures for midsized businesses. Five Rivers IT has been growing at a consistent rate of 30% a year for the last 3 years.
We are in search of a Senior IT Security Compliance Analyst to join the dynamic team of professionals providing world-class IT services to its clients in the NYC metro area. This is a great opportunity for a self-starter with a proven track record to develop, implement, and support various initiatives in the area of governance, risk and compliance. 
 
Responsibilities:

• Lead the planning, scoping, execution and documentation of audits primarily in areas associated with technology and technology-related risks.
• Act as a liaison between Auditors and Engineering/IT by coordinating requests for information and coordinating responses to any observations.
• Maintain proactive ongoing compliance by utilizing compliance tool to perform periodic security tasks and checks.
• Research new security compliance requirements and assist in evaluating compliance control requirements.
• Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
• Write detailed findings, remediation plans, and other supporting documentation  
• Provide actionable, technical advice to engineers to enhance security control design & effectiveness (including for cloud environments)
• Develop a close partnership with engineering control owners to educate them on compliance requirements and develop risk-appropriate control implementation solutions.
• Responsible for Incident Management, be readily available for: Incident documentation, ensure risk analysis and severity, manage containment, lead investigation, ensure proper notification protocol, conduct & document lessons learnt, Report on findings to then communicate them to the client.  

• Bachelor's in Computer Science, Computer Engineering, Information Systems or related field or equivalent work experience
• 5+ years of experience managing Information Security audits (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) 
• Experience implementing security techniques, practices, and controls that can be applied to address risks
• Experience operating as part of an Information security program in alignment with common information technology management frameworks such as ISO 27001, NIST, CIS, ITIL, COBIT, etc.
• Strong written and verbal communication skills
• Strong program management skills
• Experience working closely with auditors and/or external regulators
• Experience managing security tools

• This job requires working for multiple clients across multiple environments in a managed services setting. 
• This is a Full-Time position.
• Compensation for IT Security Compliance Analyst will range from $125,000 to $175,000 based on experience, if your experience falls outside required ranges compensation may be based on other open roles.
• All standard benefits are included such as medical/dental/vision insurance and vacation time.
• We encourage and reward professional certifications.

Please send your resume with the expected salary. Applications lacking expected salary will not be considered.