
100% Remote - Cybersecurity Analyst (ISO 27001) - 2761326

AMS Staffing
Full-time
Remote
United States

Please send your resume if you are interested in the following 100% Remote - Cybersecurity Analyst position. This is a direct-hire, contract (2+ years) position with a salary between 80-90K and awesome benefits. If you're not interested, please pass this along to your colleagues, as we do pay referral fees.


***Must live in United States CST / EST time zones***


Title: 100% Remote - Cybersecurity Analyst (ISO 27001)

Location: 100% Remote (CST / EST)

Salary: $80K - $90K (DOE) with excellent benefits

Term: Contract (2+ years)

Referral Bonus: 1K – send to qualified colleagues, friends and family.


Job Description:


As the Cybersecurity Analyst - ISO, you will join an outstanding team of some of the most innovative minds in the business, tasked with designing and deploying security guardrails. You will be part of the Cybersecurity team leading all aspects of risk assessment and management, partnering with business leaders to identify and mitigate operational, regulatory, and reputational cybersecurity risks related to ISO 27001.


You will be the key contributor in implementing risk management solutions, developing security controls, conducting risk assessments, and partnering with IT to provide recommendations for improvements. Your work will improve our processes and identify ways to make our IT control environment even better. Your key partners will be cloud domain architects, application developers, infrastructure teams, and the Cybersecurity organization as a whole.


Major Responsibilities


  • Maintain ISO 27001 policies, standards, and procedures, and oversee the communication plan to promote security and compliance awareness.

  • Identify potential risks, threats, and vulnerabilities within the environment using the ISO Risk Assessment framework and collaborate with relevant teams to document appropriate security control mitigations.

  • Lead projects to implement, operate, and maintain the risk registry and track corrective action plans.

  • Continuously monitor, manage, and ensure ISO 27001 security and compliance efforts across multiple teams.

  • Evaluate the effectiveness of system controls, conduct testing to identify root causes of issues, and provide improvement recommendations to senior management.

  • Track remediation efforts for controls that are not performing as intended and enhance the control environment to address existing and emerging threats.

  • Respond to ad hoc requests from business and IT for guidance on controls and compliance.

  • Develop and deliver presentations on risk status and the potential impact of unmitigated risks.

  • Report identified concerns and gaps from assessments, collaborate with development teams and architects to create corrective action plans, and track progress to closure.

 


Required Skills/Knowledge


We work closely with our critical applications and their technology stacks from end to end. We seek candidates with 3-5 years of deep application security experience and a comprehensive understanding of infrastructure security. You should thrive in a fast-paced environment, effectively balancing competing priorities, and be able to work with a strong sense of urgency and attention to detail. A passion for problem-solving and delivering process improvements is essential.


  • Strong knowledge of cybersecurity principles, governance, and regulatory compliance

  • In-depth understanding of risk assessment methodologies, vulnerability management, and security control frameworks (e.g., NIST, ISO 27001, COBIT)

  • Excellent business, analytical, quantitative, problem-solving, and decision-making skills

  • Hands-on experience with cybersecurity risk and compliance assessment

  • Strong interpersonal skills with a proven ability to collaborate with internal clients and support functions

  • Experience in interpreting and implementing policies and processes to ensure a robust control environment

  • 3-5 years of experience in an Information Security Risk Analyst role or a similar cybersecurity risk management position

  • Industry certifications such as CRISC, CISA, or ISO 27001 Auditor are strongly preferred.

 


Educational Background Required


  • Bachelor's Degree in Computer Science Preferred