Information Security Analyst


Posted: 10/21/21
Employment Type: Contract

Information Security Analyst


Prefer Irvine, CA for future in office work

This is a contract role

If you are interested in contract to hire, that is an option as well


The Sr. Information Security Analyst is responsible for operating information security controls and working closely with cross-functional business partners within the organization to identify and manage risk. The Information Security Analyst promotes a culture of security within the organization, ensuring that operational procedures and practices consistently align with the company’s security policies, tools, and programs. This is a hands-on position that requires an individual with a technical background to contribute with a team that secures the 24/7 corporate operations. This position has access to current security technologies and threat intelligence platforms.


• Contribute to the development of the company-wide information security requirements, threat modeling, secure design, cryptography standards, third-party component, selection of approved tools, secure implementation, and system monitoring

• Threat Detection and Vulnerability management: Full incident response and remediation of security breaches. Security patching for all applications and supporting infrastructure

• Identify gaps in the security posture and work with the team to mitigate or remediate them

• Leverage attack and vulnerability scanning tools to test, and enable the various teams to test, the organization’s assets for vulnerabilities

• Manage information security-related projects to completion, exerting influence and inspiring enthusiastic participation

• Facilitate audit activities as initiated from internal and external entities, following established policies and procedures. Perform evidence gathering for compliance, certification and baseline controls testing

• Engaged in Identity and Access Management (IAM) duties including: 

o Maintain awareness and insight into internal and external software and systems

o Ensure the provisioning and management of credentials across multiple systems maintains alignment with the provisions of the information security management system (ISMS)

o Undertake regular supervisory inspections for non-compliant accounts (non-expiring passwords, stale/locked-out accounts, etc.)

o Take lead in regular IAM reviews including quarterly employment verification and privilege revalidation exercises

• Customer engagement on security questionnaires, contracts, and assessments

• Align with corporate information security on roadmap and strategy 


Here’s what we’ll need from you:

• 5-7 years of experience in Information Security with a focus on leading and managing global application security 

• Strong experience with managing and implementing GRC IT SOC controls 

• Experience documenting technical operating processes and procedures 

• Experience with common Information Security compliance frameworks such as ISO 27001 and NIST CSF 

• Exposure to common Financial compliance frameworks such as SOX 

• Exposure to managing technologies and supplier relationships with across security solution technology solutions such as EDR, DLP, IPS, IDS, SIEM, Cloud Security, etc. 

• Experience with conducting incident investigations, response, and recovery operations

• Experience with industry-standard risk assessment methodologies

• Experience performing security risk and/or vulnerability assessments 

• Preferring experience with any of the following compliance systems: ISO 27001, SOC 2/3, HIPAA, GDPR, CCPA and SOX 

• Securing cloud software-as-a-service implementations leveraging third-party providers such as Azure, AWS or Google 

• Knowledge of Environmental, Health & Safety and/or Quality Management Systems, considered an asset 

• CCSK, CCSP, CEH, OSCP, CISSP or similar certifications preferred 

Meet Your Recruiter

Lance Klem

Lance Klem
Managing Director
The ProSource Group, Inc.
(949) 278-0337

Phone: (949) 278-0337

Apply Now