Job Description :
Title: Jr. IT Risk & Cyber Security Analyst with (NIST & ISO 27001), Hoboken, NJ

Location: Hoboken, NJ

Experience Level: Not more than 5 years of experience. Need junior consultants.


The consultant will be responsible for developing and implementing Information Security program, policy and relevant security standards.
The consultant will design proper security controls to protect the bank’s informational assets against confidentiality, integrity and availability loss.
Monitor, track and report all control weaknesses and violation for security policy and standards.
Consultant is also responsible for designing and implementing security assessment framework for infrastructure, databases, internal applications, vendor and third party application and cloud solutions.


Coordinate the execution of security governance and assessment control initiatives.
Assists in defining, creating and implementing banks information security policy/standards, guidelines
Work under ISO’s supervision to define and implement information security program and security control assessment strategy.
Organization and prepare for monthly, quarterly security governance meetings.
Define the security assessment checklists for various internal and external systems.
Perform security assessments, access reviews and gap analysis as per defined in the program
Review and approval of the system/network configuration changes, system patches and updates according to the banks procedures.
Review compliance with the information security policy and standards.
Provides periodic reporting on information security issues and gaps
Interfaces with external contacts and third parties
Performs all functions as assigned by ISO
Provide high quality work by ensuring accuracy and seeking to continuously improve information security processes by embracing new and better ways of doing things.


Strong IP, Network, Microsoft Windows, Linux, UNIX, Database, middleware experience and knowledge.
Strong understanding of NIST 800-53, 27001, COBIT, FFIEC, ISO control framework
Three to Five years’ experience in information security and risk management
Strong skills in Vendor/Third-party security controls, security auditing tools
Strong project management skills, technical writing and presentation skills
Understanding of GRC tools like archer, risk vision etc.
Applications experience in international banking, multi-currency accounting, global securities processing.
CISSP, CISA,CISM,CEH, Security+ type of certifications are plus