Information Security Analyst (Remote)

Talentify helps candidates around the world to discover and stay focused on the jobs they want until they can complete a full application in the hiring company career page/ATS.

Information Security Analyst

Canada Remote Worker

The Hiring Company Company, LLC (“Hiring Company”) is a global, full-service Clinical Research Organization dedicated to excellence in supporting the advancement of public health and biopharmaceutical innovation. We believe in the power of truth, so much so that we named our company Hiring Company, which means truth. Through decades of experience we have learned that collaborative relationships thrive and human health benefits when truth is our compass.

Our “Character Achieves Results” culture is driven by five key values that guide our actions in the way we conduct research and distinguish us as an organization: Integrity, Agility, Passion for Excellence, Collaborative Partnerships and Intellectual Curiosity. We are a trusted partner to clients who share our passion for improving public health in a world of ever-changing scientific research.

If you share our motivations and passion in research, come join us! You will be joining a collaborative culture that empowers every Hiring Company employee — from entry level through top executive — to contribute to our clients’ success by sharing ideas openly and honestly.

Primary Purpose

Supports and reinforces the company's compliance with governmental regulations, policies, and processes as well as governance of risk. Includes monitoring of security data from external sources (Industry portals, DoD, US-CERT, partners, etc.) and vendor advisories and conducting threat intelligence gathering. Responsible for compliance and Security Authorization activities for Hiring Company clients in accordance with National Institute of Standards and Technology (NIST) guidance and ISO 27001.

Responsibilities

• Assists with development and implementation of system security plans and contingency plans.
• Prepares documentation from information obtained from customers using accepted guidelines such as RMF.
• Responsible for compliance with the FISMA regulation and associated standards. Good understanding of the NIST Special Publications, FIPS and OMB and Federal Information Processing Standards (FIPS).
• Completes documentation in support of project / sponsor activities (e.g., checklists, questionnaires, et
• Tracks the corrective actions in POA&Ms and coordinates the remediation with various groups. Tracks and reports FISMA metrics and Key Performance Indicators (KPIs).
• Works closely with Security Operations to provide assistance with tool configuration and operation
• Reviews system security controls (managerial, operational, and technical) to determine adequacy against federal requirements and mission context utilizing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments.
• Works closely with the Audit and Quality Assurance (QA) functions to provide validation of security control tests for third-party vendors, e.g., software, hardware, and cloud service providers.
• Routinely conducts risk assessments/reports to quantify impacts of vulnerabilities or decisions to the federal government. Participates in the production of cohesive compliance reports.
• Develops and updates information systems security documentation. Ensures that Authority to Operate (ATO) are obtained in a timely manner.