Sr Information Security Analyst

Sr Information Security Analyst Job Description Template

Our company is looking for a Sr Information Security Analyst to join our team.


  • Identify and communicate opportunities to reduce risk and improve the overall effectiveness and operational efficiency;
  • Responsible for continuous improvement of information security and risk management processes and change procedures to create process efficiencies;
  • Perform other duties and responsibilities as required, assigned, or requested;
  • Work closely with Information Security and Compliance leadership in the development of audit scope, objectives and testing attributes;
  • Lead and participate in enterprise and departmental projects that require analytical and risk assessment skills;
  • Regularly provide status reports for assigned engagements;
  • Completes annual education requirements;
  • Assist in the development of less-experienced staff through the review of audit work papers and timely feedback;
  • Plan and execute regular recurring and ad-hoc security related reviews, audits and internal process reviews;
  • Assist and lead efforts to support HITRUST certification and maintenance.


  • Strong technical skills in information security technologies, tools and standards with hands-on experience;
  • Audit, compliance or PM backgrounds are beneficial;
  • Advanced security certification (CISSP, CISM, CISA, etc.) preferred;
  • Prioritize and balance several workstreams and projects;
  • Ability to lead a small functional teams in planning and design;
  • An entrepreneurial drive and willingness to solve tough problems;
  • Influences others within and outside of job function, and communicates with external stakeholders;
  • Understanding of audit practices and compliance frameworks;
  • Strong project management and communication skills;
  • Able to work with technical and non-technical staff to manage project deliverables and team relationships;
  • Ability to present information security concepts to all levels of the organization and explain their relevance to the executive management team.