Information Security Analyst - Audit
Location: Lowell, Massachusetts
Posted: October 24, 2017
Reference ID: 201701202
Serves as an internal information security consultant to the organization
This position works as part of a security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position serves as an internal information security consultant and will assist in designing, implementing, supporting and maintaining policies and security solutions in both Corporate and Cloud hosted environments. This position demands an organized, detail oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.
This position works as part of a security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion.
Supports continuous monitoring programs in Cloud and Corporate environments to ensure control activities are operating effectively
Supports the implementation, and management of security policies and procedures to ensure they remain aligned with business objectives and meet regulatory requirements.
Provides support to customers and business partners as needed.
Provides support to ensure company processes remain in compliance with SOC control frameworks, and applicable data privacy regulations.
Conduct and evaluate vulnerability assessments of corporate and customer hosted assets
Provides support with third party security risk assessments and audits.
Performs additional duties and projects as assigned by management
BS/BA degree in Computer Science or related discipline or equivalent experience in information security governance and/or related functions (such as IT audit and IT Risk Management)
Excellent verbal and written communication skills to develop positive relationships and effectively communicate with employees, customers, auditors, business partners, and all levels of management.
Knowledge of information security management frameworks such as AT101 SOC 2, ISO, ITIL, CobiT, NIST
Knowledge of networking protocols, operating systems, firewalls, Active Directory, and vulnerability scanning tools highly desired.
Experience monitoring information security environments desired.
CISA, CISM, CRISC, CISSP, or similar security certification desired
You're empowered when you're a Kronite.
Want to be part of an elite group of highly skilled professionals? We think our employees are a special group of talented, energetic, and innovative people. And for that reason, we refer to ourselves as Kronites. Kronites care about more than just work. We recognize the need to maintain a healthy work-life balance - to live inspired. In fact, it's expected! You'll soon learn that we take work and fun seriously. No matter what position you hold at Kronos, you're a Kronite. And we want you to feel like you have the power to make a difference in your life and the lives of others, at work and beyond.
Kronos is a global provider of workforce management and human capital management cloud solutions. Kronos' industry-specific workforce applications are purpose built for businesses, healthcare providers, educational institutions and government agencies of all sizes. Tens of thousands of organizations - including half of the Fortune 1000 - and more than 40 million people in over 100 countries use Kronos every day.
Kronos is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.