Information Security Analysts have an in-depth understanding of information security with the ability to quickly understand a client’s business environment and security requirements. This knowledge must be coupled with an in-depth understanding of at least one of today’s leading information security frameworks: PCI DSS, HIPAA/HITECH, GLBA, or ISO 27001. The Analyst must use this knowledge to audit and assess a client’s security posture as it relates to business drivers and ascertain compliance with established security and privacy requirements. Analysts must present clear findings to the client in written and verbal form.

Compensation Range:
$90,000 – $105,000 annual salary based on experience and geographic location

Benefits:
Dara offers a full benefits package. We pay 100% of employee premiums for healthcare insurance (medical, dental, vision), offer a 401k plan with company match, Profit Sharing Plan, certification/training bonuses, monthly internet expense reimbursements, well-being expense reimbursements, personal days off in addition to earned Paid Time Off, and opportunities to earn top-level industry certifications.

Work Location and Schedule:
This full-time position is 100% remote and requires the ability to work well independently to complete projects on time. The role requires occasional travel to client locations both within and outside of the United States. Hours of work may vary and depend on the project assigned to the analyst.

Required Certifications (must be current and not expired):
One of the following information security designations: (ISC)2 CISSP, ISACA CISM or ISO 27001 Lead Implementer
AND
One of the following auditing designations: ISACA CISA, GIAC GSNA, ISO 27001 Lead Auditor, ISO 27001 Internal Auditor, IRCA ISMS Auditor (or higher), or IIA CIA

Education requirements
Bachelor’s Degree in Information Security, Cybersecurity, Information Technology, or related field or equivalent experience

Job Duties: 

• Conduct PCI assessments and gap analyses
• Perform auditing techniques and procedures that support assessment findings
• Create quality, customized reports that detail the client’s control environment and assessment findings
• Formulate a roadmap of actionable steps for improving the client’s security posture and/or achieving compliance
• Effectively communicate complex technical information to a variety of audiences, including executive level and technical decision-makers
• Interact with customers to schedule and perform activities as detailed in SOWs
• Consult with clients to help them understand assessment findings and remediation options
• Work with Sales Professionals and customers to provide presales and scoping assistance as needed
• Develop subject matter expertise across various industries focusing in information security and privacy requirements
• Consistently update Dara Security’s CRM and work management platforms to ensure accurate tracking of project activities

Experience Requirements Skills/Qualifications:

• Detail-oriented with excellent time management, organization, follow-up, and follow-through skills
• Familiarity with various security control processes & solutions, including cloud security, vulnerability management, firewalls, IAM, SIEM, EDR, IDS/IPS, DLP, AV, FIM, WAF, cryptography, software development, etc.
• General networking knowledge, including networking, system technologies and communication protocols
• Solid understanding of audit procedures
• Sound verbal, written and communication skills
• Proficient with MS Word, MS Excel, and PowerPoint
• Ability to handle interruptions in a challenging environment
• Team player with a positive attitude who can independently complete projects with minimal management oversight
• Driven to learn new technologies and audit techniques