Information Security Specialist

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Security, Communications, Business, or a related field (or equivalent experience).
• 3+ years of experience in a cybersecurity, risk, compliance, or program support role.
• Foundational understanding of cybersecurity principles, frameworks, and regulatory requirements (e.g., NIST, ISO, GLBA, FFIEC).
• Excellent writing, editing, and communication skills.
• Strong interpersonal and collaboration skills; able to work effectively with diverse teams and stakeholders.
• Critical thinking, attention to detail, and strong organizational skills.

Nice To Haves

• Experience supporting awareness or training programs is a plus.
• Familiarity with GRC tools or security documentation platforms is a plus.

Responsibilities

• Policy & Program Support: Assist in drafting, editing, and maintaining cybersecurity policies, standards, and procedures. Help ensure documentation is clear, consistent, and aligned with regulatory and organizational requirements.
• Inherent Risk Assessment Coordination: Support the facilitation and documentation of Information Security Business Impact Assessments by working with business units to gather and organize input.
• Client & Third-Party Requests: Help prepare responses to client security questionnaires and due diligence requests, ensuring timely and accurate information delivery.
• Cybersecurity Awareness: Contribute to the planning and execution of awareness campaigns, including drafting communications, coordinating logistics, and tracking engagement. This may include engaging with colleagues, facilitating sessions, and representing the security team in a visible, interactive role.
• Regulatory & Audit Support: Organize and maintain documentation to support audits, assessments, and regulatory reviews. Track deliverables and follow up with stakeholders as needed.
• Cyber Maturity Tracking: Assist in collecting and organizing data for cyber maturity assessments, helping to identify trends and support reporting.
• Collaboration & Communication: Work closely with internal teams including Privacy, Legal, Compliance, Third Party and Risk to ensure alignment and smooth execution of the Policy and Program teams initiatives.
• Documentation: Create clear, professional documentation to support transparency, accountability, and informed decision-making.