Skip to content


Job Application


Please answer the following questions in order to process your application.

Email Address *
I certify that I am a U.S. citizen, permanent resident, or a foreign national with authorization to work in the United States. *
File Attachments:
(2MB file maximum. doc, docx, pdf, rtf or txt files only)
Attach a Resume * 
Optional covering letter 
Clear covering letter
 * denotes required field
Additional Information:
First Name
Last Name
Home Telephone
Salary Expectation USD
Approximately how far are you willing to travel to work (in miles) ?

Job Details


Senior Information Security Analyst and Risk Management Analyst (Full Time)

Location: Brooklyn New York Country: United States of America Rate: $110k to $130k+bonus

Qualified Senior Information Security Analyst and Risk Management Analyst candidates will have:

- 5 years+ of Information Security and risk management experience
- Experience conducting risk assessments, maintaining Security Frameworks based on HITRUST aspects of multiple computer platforms, operating systems, products, network protocols and system architecture
- At least one or more of the following certifications: CISSP, CISA, CRISC, CISM
- Strong knowledge of information security and risk management
- Strong knowledge of current and evolving cyber threat landscape.
- EXPERT or near expert knowledge of Excel Modeling (Pivot Tables, VBScript, Formula Development)
- Knowledge of specialized telecommunication techniques such Virtual Private Networks, encryption methodology and their associated technologies.
- Good understanding (balance between each of the following):
Unix, Linux, Windows, etc. operating systems, well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.), exploits, vulnerabilities, network attacks
- Experience investigating security incidents.
- Knowledge of industry standards including SSAE 16, ISO 27001, etc.
- MUST HAVE concise, succinct oral communication skills

The core responsibility of the selected Senior Information Security Analyst and Risk Management Analyst candidate (based in Brooklyn Heights, New York, a short commute from NYC), will be to identify security requirements, collaborate on critical projects to ensure that security issues are addressed throughout the project life cycle of any given engagement. This requires the candidate to understand both IT and Information Security business units to identify, select and implement appropriate security and risk management controls and maintain current baselines for the secure configuration and operations of systems.

Additional responsibilities will include taking direction from the Director of Governance in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting risk assessments.

The Senior Information Security and Risk Management Analyst is expected to be fully aware of the enterprise security goals as established by published policies, procedures, and guidelines and to actively work towards upholding those goals.

Risk Management:
Works with various groups within the organization to identify information security requirements, using methods that may include risk and business impact assessments.
Identify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.
Create and maintain Information Security policy exceptions process.
Contribute to the Security Awareness Training Program, focusing on the development and roll out of a Cyber Security curriculum.
Conduct application risk assessments and vendor risk assessments. (You must understand how Web Applications work and how they are secured).
Develop and update policies and procedures for the general operation of the Information Security and Risk Management program.
Work with leaders to influence and promote a standardized strategic plan towards enforcing security requirements and address identified risks that preserves the C.I.A. for said agencies.
Play an advisory role in the Software Security Assurance Program by reviewing application scanned results and objectively, determining the level of risk posed by the application.

Acquisition & Deployment:
Keep abreast of Information security and Risk Management industry practices, to include new and or revised regulatory publications; stay attuned to technology solutions that improve security processes and reduce the attack surface
Provide continuous review and improvement of current processes where applicable.
Strategy & Planning:
Participate in the review and update of enterprise security and risk management program
Participate in the creation of enterprise information security and risk management documents (policies, standards, baselines, guidelines and procedures)
Maintenance of Security and Risk Management Framework based on HITRUST Standard
May perform other functions as assigned.

This outstanding career opportunity is based in Brooklyn Heights, New York offering a seven hour work day with a competitive starting base salary in the $110,000.00 - $130,000.00 plus bonus per year range based on experience plus full benefits. Your asking compensation will be submitted after your approval. Candidates with solid skills, competitive compensation requirements will be reviewed first.

If you know someone who might qualify, (No 3rd party referrals or agencies for any WSI requirements. Please don't call to ask if there any exceptions, there aren't), e-mail a Word or RTF resume with contact information, address and phones to Jay J., with the subject line of this message in the subject line of the message you send, (no URL resume links and please do not return a copy of this announcement with your response) at (see below), call.

When resumes are received, the candidate is contacted if there is a match, the situation is thoroughly described and the candidate tells us how they would like us to proceed. No information leaves our office without prior approval. This creates long term relationships, which we encourage.

Posted Date: 23 Oct 2017 Reference: JSINFOSEC-RISKMGMT Company: WSI Nationwide Contact: Jay J.