

information Security analyst
Location: New York & Amsterdam
Location: New York & Amsterdam
About the Role:
As a leading provider of regulatory intelligence solutions for top investment managers, we build quality software for demanding users. Our fast growing organization is looking for an experienced Information Security Analyst to lead our in-house and external Information Security projects.
The successful candidate would work closely with the COO and existing staff in a number of IT/Cybersecurity areas. As the Information Security Analyst you will be responsible for coordination of information security initiatives across the global organization to ensure that the confidentiality, integrity, and availability of this division and customer information are within scope and our work product is rigorous in delivery.
You will design, implement and monitor enterprise security solutions and work closely with Clients Service, Software Development, other departments and vendors to evaluate and select Security technologies that meet the security and compliance requirements of our business.
In exchange, Advise offers a true growth opportunity: we are a successful, revenue-driven ex-start-up; our employees work with remarkable autonomy and have lots of opportunity for direct, creative input into product decisions. This position also provides an excellent opportunity to gain or increase an understanding of finance, operations, risk, and regulation.
Responsibilities:
-
Internal Infrastructure/InfoSec management – review current technical infrastructure, including internal company infrastructure and customer hosting (SaaS) infrastructure, for vulnerabilities and areas of improvement. Propose and manage implementation of required changes. Manage external SSAE SOC1 (or similar) audit.
-
Information Security Policies – review and update existing P&P as required.
-
Vendor Due Diligence – Ongoing governance of Company’s key service providers
-
Customer facing Vendor Due Diligence – review vendor DDQ responses on behalf of customers in support of a service offering; including follow up/drilldown with vendors and development of vendor scorecard
-
Nice to have: DevOps – work closely with development, infrastructure, and technology teams to develop, streamline, and administer cloud infrastructure for customer facing applications
Desired skills and competencies:
-
5+ years of professional experience in a similar role
-
Possess broad security qualifications and certifications
-
Excellent verbal and written communication skills
-
Rigorous insistence on detail, innovative mindset, analytical thinking, and problem-solving
-
Strong stakeholder management skills