Company Overview:
Position Summary:
The Analyst is a position within Bain's Cyber Security Department, whose mission is to safeguard the digital assets and integrity of the organization. In this role, the Analyst understands how security measures align with the overall organizational strategy and will contribute to the development and implementation of security controls that adhere to regulatory requirements and best practices. The Analyst will participate in cybersecurity projects, risk assessments, and other broader initiatives, driving a secure and compliant digital environment.
Essential Functions:
Security Analysis and Risk Management (50%)
- Coordinate with various departments to understand business needs and functional and non-functional security requirements
- Conduct or participate in risk assessments, vulnerability assessments, and security audits
- Help implement security controls and measures in line with regulatory requirements and best practices
- Contribute to time and cost estimates for implementing security measures, advising on trade-offs and priorities
- Work as a member of a cross-functional team focused on cybersecurity
Policy, Procedure, and Compliance (40%)
- Support the development, deployment, and maintenance of cybersecurity policies, procedures, and guidelines
- Help with the configuration and management of security tools and platforms
- Handle existing setups, user management, access rights, and any escalations from 1st-level support
- Ensure compliance with internal policies and external regulations
Professional Development and Innovation (10%)
- Stay up-to-date on emerging trends and technologies in cybersecurity
- Participate in technical discovery, proof-of-concepts (POCs), and innovation work streams
- Support efforts to drive innovation and creative problem-solving to meet critical business challenges and demands
Qualifications:
Education and Work Experience:
- 2-4+ years of relevant experience
- Associate's/Bachelor's degree or an equivalent combination of education, training and experience
- Fundamental Security/IT Concepts: Understanding of basics like data retention, data classification, access control, and third-party risk
- Common Security Frameworks: Familiarity with ISO, NIST, SOC 2, and GDPR guidelines and standards
Knowledge, Skills, and Abilities:
Security Analysis and Risk Management:
- Understanding of risk assessments, vulnerability assessments, and security audits
- Familiarity with common security tools and platforms for monitoring and detection
- Knowledge of cybersecurity frameworks and regulations (e.g., NIST, ISO 27001, GDPR)
Policy and Compliance:
- Understanding of the importance of security policies, procedures, and guidelines
- Awareness of compliance requirements and the role they play in an organization
General Skills:
- Good communication skills, with the ability to document and explain technical information clearly
- Analytical mindset, with a focus on learning and problem-solving
- Ability to work well in a team, showing strong interpersonal skills
- Eagerness to learn and adapt to new challenges in cybersecurity
- Entrepreneurial spirit, open to trying new approaches and learning from them