Sr Analyst, Cyber Security
About The Position
As a Senior Analyst Cyber Security, you’ll be part of our IT – Cyber Security team working as a hybrid employee. You will lead and support cybersecurity compliance initiatives, ensuring alignment with frameworks such as ISO 27001, NIST, PCI DSS, SOX, and NIS 2. The role involves monitoring and assessing the effectiveness of cybersecurity and compliance controls, recommending enhancements and remediation strategies, and collaborating with IT, security, and business teams to resolve audit findings and compliance issues. You will maintain up-to-date knowledge of regulatory requirements, standards, and best practices, and prepare and deliver compliance and audit reports to management and regulatory authorities. Additionally, you will support and prepare for third-party and external audits, develop and deliver training and awareness programs, and develop, maintain, and update IT GRC documentation. The position also requires identifying, evaluating, and reporting on control gaps, maintaining a log of compliance and audit issues, and proactively identifying emerging risks to strengthen cybersecurity posture. The company is a global leader with approximately 43,500 diverse and high-performing professionals, known for brands like DEWALT®, BLACK+DECKER®, CRAFTSMAN®, STANLEY®, CUB CADET®, and HUSTLER®.
Requirements
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 3+ years of experience in cyber security, IT audit, or IT GRC roles.
- Strong knowledge of IT security frameworks (e.g., NIST, ISO) and regulatory requirements.
- Experience conducting IT security audits.
Nice To Haves
- Professional certifications such as CISA, CISSP, CISM, or CRISC highly desirable.
Responsibilities
- Lead and support cybersecurity compliance initiatives, ensuring alignment with frameworks (ISO 27001, NIST, PCI DSS, SOX, NIS 2).
- Monitor and assess the effectiveness of cybersecurity and compliance controls, recommending enhancements and remediation strategies.
- Collaborate with IT, security, and business teams to resolve audit findings and compliance issues; escalate high-risk or unresolved issues as needed.
- Maintain up-to-date knowledge of regulatory requirements, standards, and best practices.
- Prepare and deliver compliance and audit reports to management and regulatory authorities, track and report on compliance metrics and remediation progress.
- Support and prepare for third-party and external audits, acting as liaison with auditors and regulators.
- Develop and deliver training and awareness programs on cybersecurity compliance; provide guidance to staff on compliance and audit requirements.
- Develop, maintain, and update IT GRC documentation (policies, procedures, risk registers, control matrices, compliance checklists).
- Identify, evaluate, and report on control gaps; maintain a log of compliance and audit issues and their resolution status.
- Collaborate across departments to ensure company-wide compliance and effective resolution of issues.
- Proactively identify emerging risks and propose innovative solutions to strengthen cybersecurity posture.
Benefits
- Competitive salary
- Medical insurance
- Dental insurance
- Life insurance
- Vision insurance
- Disability insurance
- 401(k)
- Employee Stock Purchase Plan
- Paid time off (including paid vacation, holidays & personal days)
- Tuition reimbursement
- Wellness program
- Discounts on Stanley Black & Decker tools and products
- Discount programs for many other vendors and partners
- Career development opportunities
- Access to a wealth of state-of-the-art learning resources, including our Lean Academy and online university
- Diverse & Inclusive Culture
- Volunteerism and giving back initiatives
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
