Title: Info Security Analyst
Duration: 6months
Location: Mount Laurel, NJ (Hybrid – 2 days in office)
 
Job Specific Accountabilities
The Senior Information Security Analyst role supports the execution of independent quality assurance and remediation reviews for audit and regulatory findings for Client's Global Technology Solutions (GTS) area.  The role focuses on assessing the adequacy, completeness, and sustainability of management action plans, evaluating remediation evidence, and identifying residual risk to ensure alignment with regulatory expectations, internal standards, and information security frameworks.
 
This position operates within a 1B / oversight / challenge function, partnering closely with technology teams, operational risk management, audit, and compliance stakeholders to promote strong control hygiene and timely risk reduction.
 
We are looking for someone who is well-versed at providing governance, risk, compliance and issue remediation oversight and control best practices that meet Client’s overarching strategy and objectives. Here's some of what you may be asked to perform:
 

• Conduct quality assurance reviews and challenge of remediation action plans for internal audit and regulatory findings related to information security and technology controls, working with stakeholders across the three lines of defense to ensure effective risk mitigation and remediation
• Assess whether action plans sufficiently address root cause, risk drivers, and control design gaps
• Assess remediation evidence for accuracy, completeness, and sustainability
• Apply established QA rubrics, control standards, and review methodologies consistently
• Identify gaps, weaknesses, or misalignment with policy, standards, and regulatory expectations
• Document review results, conclusions, and rationale in a clear, defensible manner
• Evaluate information security controls across areas such as access management, change management, vulnerability management, data protection, logging and monitoring, third party risk, etc.
• Assess residual risk and escalate concerns where remediation effectiveness is insufficient
• Maintain accurate records of review activities, decisions, and supporting evidence
• Support management reporting and metrics related to remediation quality and status
• Engage with technology owners to clarify remediation approaches and evidence
• Provide constructive challenge and guidance while maintaining independence
• Collaborate with audit, operational risk management, and compliance partners to ensure alignment and consistency
• Contribute to continuous improvement projects, leveraging agile / lean continuous improvement practices/methods that demonstrate sustainable and leading-edge solutions (e.g. Artificial Intelligence (AI), Machine Learning (ML), Power BI/Apps, Python, etc.)
• Identify emerging themes, understand trends, and provide specialized business management advice to senior management and respective teams while raising industry, external and internal, enterprise and business awareness.
• Stay apprised on Industry Best Practices as well as the Technology and Information Security Audit and Regulatory environment.

 
Job Requirements 

• Expert knowledge of IT Audit and Control methodology, IT Governance Controls and Standards, and associated tools to ascertain the quality and effectiveness of technology remediation plans.
• Competencies in technology controls, emerging threats, and technology risk disciplines and practices.
• IT governance experience in various information security methodologies/frameworks (e.g., COBIT 5, NIST, etc.)
• Knowledge of IT policies, standards, and technology risk disciplines and practices
• Knowledge / Experience in core Agile frameworks such as, Scrum, Kanban, and Extreme Programming to execute Challenge functions as defined by the client Agile methodology
• Sound understanding of data analytics (collection, analysis, distribution etc.) and complex business processes
• Experience with change management methods to evolve technology issue management framework (people/process/technology) specific to Challenge Operation
• Experience with Key Performance and Risk Indicators and Technology Risk analytics and reporting, managing and refining business rules and thresholds for Technology controls performance (KPIs) and aggregating risk (KRIs)
• Provide support to the development and testing teams to resolve data issues
• Excellent verbal and written business communication skills; meticulous documentation
• Ability to manage multiple efforts simultaneously and strong organizational skills
• Ability to effectively interact with individuals across the organization and at various levels (technical, business, Senior & Executive Management)
• Ability to educate colleagues and team members related to Challenge Operation processes/tools
• Ability to contribute to / participate in complex technology projects

 
Required Qualifications:

• 5+ years of relevant experience in information security, technology risk, audit and regulatory remediation processes
• Understanding of information security control frameworks (e.g., NIST, ISO 27001, CIS)
• Experience reviewing control design, implementation, and operating effectiveness
• Strong analytical skills with attention to detail and sound professional judgment
• Experience supporting 1B, 2LOD, or QA/challenge functions
• Experience reviewing remediation evidence and validating control effectiveness
• Exposure to GRC tools (e.g., Archer, ServiceNow or similar platforms)
• Expert knowledge various technology tools: including JIRA, Confluence, Sharepoint, MS Office, Excel, etc.
• Relevant certifications or progress towards  or relevant equivalent experience (e.g., CRISC, CISM, CISA, CISSP)
• University degree or relevant field / equivalent experience

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 45.15/hr.