Facebook, Google, Cisco, FedEx, Amazon, American Express, PayPal, Mazda, Walmart, Honda, Genentech... all of these companies rely on AnswerLab's research to support key business and product decisions. We are a growing leader in a rapidly growing industry and we're looking for a full-time Information Security Specialist.
The Information Security Specialist is responsible for the day-to-day operation, maintenance, and monitoring of the overall Governance, Risk and Compliance Information Security program at AnswerLab.
Act as subject matter expert and as the point of contact for external parties (clients, auditors, consultants, study participants) on all things related to information security, governance and compliance.
Lead all efforts to obtain and maintain data security compliance certification and reporting, including but not limited to ISO 27001, SOC 2, GDPR, CCPA, etc.
Complete client-requested data security questionnaires, review data security contracts, and attend calls with clients as needed.
Conduct and/or support routine vulnerability, security configuration, and/or penetration testing assessments, and manage the resulting findings.
Monitor networks, systems, and applications for suspicious behavior, attacks, and security breaches.
Collaborate with internal teams, clients, partners, and study participants on incident response and Business Continuity & Disaster Recovery Plan (BC/DR).
Identify opportunities for implementing additional technology controls to improve information security.
Maintain and update, as needed, all information security policies and procedure documentation (e.g., Information Security Management System).
Oversee information security training and phishing awareness/testing program.
Oversee Security projects in alignment with organization goals.
Stay current on information security best practices and new regulations and make recommendations as needed to IT management.
Maintain and report key security metrics.
Communicate overall compliance posture and information security risk factors to executive management team.
Reports to the Director of IT & Operations
Works closely with employees, clients, vendors, and study participants
This job has no supervisory responsibilities
Knowledge, Skills and Experience
We understand that outstanding candidates can come from a variety of backgrounds. While specific experience is important, we are ultimately looking for candidates who have the personal characteristics to thrive in a growing client-focused business. The ideal candidate will likely meet many or most of the job criteria listed below.
Minimum two years of experience in information security, governance or compliance, or other information security-related positions.
CISA, CISM, CompTIA Security+ preferred, but not required.
Proficient with Windows/Mac hardware, Windows/Mac OS, networks, phone systems, cyber security, Active Directory, mobile devices (Apple, Android), Office 365, web conferencing services, and other related hardware and software platforms.
Understanding of network security concepts (TCP/IP protocol, firewalls, VLAN segmentation, IDS/IPS, common ports and protocols).
Experience with SIEM tools and endpoint security platforms is a plus.
Ability to work in a fast-paced environment that requires time management, task prioritization, and ability to identify problems and work toward solutions.
Excellent verbal and written communication skills, including the ability to produce coherent and organized documentation.
Track record of operating independently, being detail-oriented, and delivering results in a highly organized manner.
Must be available to be on-call for infrequent after-hours emergencies.
A healthy sense of humor and a fun personality
Must be able to lift 50 lbs.
Travel required up to 10%.
In addition to expertly meeting the requirements outlined above, your success will be measured on our eight Core Values:
Provide amazing service
Support and Encourage Inclusivity
Jump in to help others
Handle change with flexibility
Innovate our products and processes
Figure it out and get it done
Make AnswerLab a great place to work
Overtime may be required to meet project deadlines.
Sitting for extended periods of time.
Dexterity of hands and fingers to operate a computer keyboard, mouse, and other devices and objects.
Note: This job description is subject to change at any time.
No staffing/recruiting agencies please.
We are interested in every qualified candidate who is eligible to work in the United States. However, we are not able to sponsor visas.