Kronos Information Security Analyst in Lowell, Massachusetts
Information Security Analyst
Lowell - Massachusetts - USA, Weston - Florida - USA
Security/Privacy & Risk
This position works as part of a privacy and risk team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position serves as an internal risk consultant and will be the subject matter expert responsible for designing, implementing, and supporting a security control framework for a multi-tenant software-as-a-service product in a public cloud. Primary responsibilities include providing insight to relevant business stakeholders on how to best protect data, platforms, and infrastructure as strategic initiatives are executed. Secondary responsibilities will include producing industry compliance reports (i.e., SSAE18, HIPAA, ISO27001/17/18) and monitoring control activities in certified environments. This position demands an organized, detail-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus are required.
• Advise and support stakeholders responsible for customer hosted environments to ensure control activities are designed and implemented appropriately to protect the security, confidentiality, privacy, integrity and availability of data in compliance with organization policies and standards.
• Monitor business processes, recommend improvements, and assist stakeholders to achieve information security goals and objectives related to Information Technology general controls
• Conduct risk assessments in hosted environments and collect evidence in support of audits
• Assist external auditors conducting annual compliance audits by reviewing all evidence to confirm it satisfies the items included in the document request list
• Utilize industry experience and knowledge to provide expertise and support to ensure the product's security framework remains in compliance with applicable regulations, including evolving data privacy regulations
• As a strategic partner on the privacy & risk team to the company, consult on projects that automate business processes and drive employee efficiency to design and implement new controls to achieve compliance objectives
• Assess the internal design of any new technologies and identify risks to the environment and/or organization
• Support third party security risk assessments and IT audit, and provide tracking for findings and resolution
• Provide expertise in support of new product development activities to ensure products comply with information security and privacy standards
• Support the development, implementation, and updating of security policies and procedures
• Perform additional duties and projects as assigned by management
• BS/BA degree in Computer Science or IT audit related discipline or equivalent experience and a minimum of 3-5 years work experience in information security governance and/or related functions (such as IT audit or IT Risk Management)
• Demonstrated experience with information security frameworks including SSAE 18 SOC 1, AT101 SOC 2, or ISO27001/17/18, and HIPAA
• Demonstrated experience working in information security, risk management or IT audit
• Demonstrated experience articulating technical concepts to non-technical users
• Strong business acumen to include strong verbal and written communication skills.
• CISA, CISM, CRISC, CISSP, or similar security certification preferred
Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers
Equal Opportunity Employer
Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.
View The EEO is the Law poster (https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm) and its supplement.
View the Pay Transparency Nondiscrimination Provision (https://www.dol.gov/ofccp/pdf/pay-transp_formattedESQA508c.pdf)
UKG participates in E-Verify. View the E-Verify posters here (https://www.e-verify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf).
For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.