Skip to content

Careers

Transcend the day-to-day work experience. Work inspired.

Information Security Analyst III

Location:

Lowell - Massachusetts - USA

Function:

Information Technology

Ref #:

201701680
Apply >

Description

This position works as part of a security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position serves as an internal information security consultant and will be the subject matter expert responsible for designing, implementing, and supporting a security control framework for a multi-tenant software-as-a-service product. Primary responsibilities include execution of SSAE16 SOC 1 and SOC 2 exams and monitoring control activities in certified environments. This position demands an organized, detail oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

RESPONSIBILITIES
• Provide information security expertise and support to assist in the achievement of both corporate and cloud compliance programs
• Provide expertise and support in customer hosted environments to ensure control activities are designed and implemented appropriately to protect the security, confidentiality, privacy, integrity and availability of data in compliance with organization policies and standards.
• Oversee a continuous monitoring program to confirm Management may assert the control environment is operating effectively
• Implement and monitor corporate business processes, recommend improvements and assist stakeholders to achieve information security goals and objectives related to Information Technology general controls
• Conduct risk assessments in SSAE16 SOC 1 and SOC 2 environments and collect evidence in support of audits.
• Assist external auditors conducting annual compliance audits by reviewing all evidence to confirm it satisfies the items included in the document request list
• Utilize industry experience and knowledge to provide expertise and support to ensure company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations
• As a strategic partner on the information security team to the company, consult on projects that automate business processes and drive employee efficiency to design and implement new controls to achieve compliance objectives
• Represent the Information Security team at Change Advisory Board meetings to determine security and risk are evaluated in each change to the environment
• Coordinate the internal design of Information Technology general controls
• Support third party security risk assessments and IT audit, and provide tracking for findings and resolution
• Provide expertise in support of new product development activities to ensure products comply with information security and privacy standards
• Support the development, implementation, and updating of security policies and procedures.
• Perform additional duties and projects as assigned by management

Qualifications

• BS/BA degree in Computer Science or IT audit related discipline or equivalent experience and a minimum of 3-5 years related work experience in information security governance and/or related functions (such as IT audit and IT Risk Management)
• Demonstrated experience with audit frameworks including SSAE 16 SOC 1, AT101 SOC 2 or ISO27001
• Demonstrated experience working as an expert in information security, risk management or IT audit
• Demonstrated experience articulating technical concepts to non-technical users
• Strong business acumen to include strong verbal and written communication skills.
• CISA, CISM, CRISC, CISSP, or similar security certification preferred

#LI-DE1

Corporate overview

You’re empowered when you’re a Kronite. 

Want to be part of an elite group of highly skilled professionals? We think our employees are a special group of talented, energetic, and innovative people. And for that reason, we refer to ourselves as Kronites. Kronites care about more than just work. We recognize the need to maintain a healthy work-life balance – to live inspired. In fact, it’s expected! You’ll soon learn that we take work and fun seriously. No matter what position you hold at Kronos, you’re a Kronite. And we want you to feel like you have the power to make a difference in your life and the lives of others, at work and beyond. 

Kronos is a global provider of workforce management and human capital management cloud solutions. Kronos’ industry-specific workforce applications are purpose built for businesses, healthcare providers, educational institutions and government agencies of all sizes. Tens of thousands of organizations – including half of the Fortune 1000® - and more than 40 million people in over 100 countries use Kronos every day. 

EEO Statement

Kronos is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.