Senior IT Security Analyst

About The Position

Requirements

• U.S. citizenship is required for this position due to Department of Defense restrictions.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Network Security or related field or equivalent combination of education and experience.
• 5 or more years of experience in security policy, governance, risk, and compliance roles.
• Strong working knowledge of NIST CSF and AI governance principles, as well as other cybersecurity frameworks such as ISO 27001, CIS, or SOC 2.
• Strong knowledge and understanding of cloud security policies, configuration standards, and best practices for AWS, Azure, GCP, or SaaS applications in order to apply governance.
• Demonstrated experience with ServiceNow IRM modules, including policy, risk, audit, and compliance workflows.
• Ability to create clear, professional, and actionable security and risk governance documentation.
• Experience developing and delivering security awareness training programs.
• Excellent communication skills, capable of engaging both technical and non-technical stakeholders.
• Demonstrated experience in developing and implementing security policies and standards in a highly regulated environment.
• Strong analytical, organizational, and project management skills, with the ability to drive initiatives independently.

Nice To Haves

• Familiarity with knowbe4 or other security awareness platform tools.
• Familiarity using AI to facilitate automated workflows.

Responsibilities

• Developing, reviewing, and maintaining corporate security policies, standards, procedures, and guidelines in alignment with NIST CSF, regulatory requirements, and industry best practices.
• Integration and management of security policies, controls, and risk assessments within ServiceNow IRM and Managed Documents.
• Conducting risk assessments, control evaluations, and gap analyses mapped to NIST CSF to support audit readiness and compliance initiatives.
• Collaborating with IT, Risk, Compliance, and Business teams to ensure policy adoption and awareness across the organization.
• Creating clear, concise, and actionable security documentation, including policies, procedures, guidance, and reports.
• Monitoring compliance with internal policies and external regulatory requirements, identifying gaps and driving remediation efforts.
• Providing reports and analytics on policy adherence, exceptions, and trends using ServiceNow dashboards and workflows.
• Serving as a subject matter expert on security governance, NIST CSF implementation, and risk management best practices.
• Mentoring junior analysts and providing guidance on policy development, implementation, and ServiceNow utilization.
• Developing security awareness training programs to educate employees on corporate security policies, procedures, and best practices.
• Supporting AI governance awareness programs to inform employees about responsible AI use, ethical considerations, and regulatory requirements.
• Maintaining and updating training materials to reflect changes in policies, regulations, or emerging AI and cybersecurity threats.
• Assessing and monitoring third-party vendors to ensure compliance with company security policies and industry regulations.

Benefits

• Remote and hybrid work options available
• Performance bonus and/or merit increase opportunities
• 401(k) with a 100% match for the first 3% of your salary and a 50% match for the next 2% of your salary (100% vested immediately)
• Competitive paid time off
• Health insurance, dental insurance, and telehealth services start DAY 1
• Professional and Leadership Development Programs