Information Security Compliance Monitoring Analyst

Job Locations US-VA-Vienna
Posted Date 6 months ago(6/10/2021 8:28 AM)
# of Openings
IT Operations


BRMi Technology is seeking an Information Security Monitoring Analyst to support a large client. The Analyst will be experienced in Framework implementation, risk management, security control interpretation, control assessments, standards, and enterprise Governance, Risk and Compliance (GRC) tool operations (i.e. ServiceNow). The Analyst will understand how our client standards apply to the Framework controls, and be able to interpret and articulate both while working with Business Units. Information Security Controls will be tested periodically for compliance with requirements detailed in current Standards, with test results documented and tracked in accordance with Information Security Governance requirements. The Analyst will be using the GRC tool daily, and assisting customers (including Information Security Officers and Business Unit management) with understanding reports and customized dashboards.  


Click here to learn about BRMi's culture.


Click here to see BRMi’s Glassdoor reviews


  • Plan, scope and execute testing to validate compliance with information security standards/requirements.
  • Work with the business on development of action plans.
  • Support business units in the interpretation of information security requirements and the performance of 1st line RCSA/control attestations.
  • Aid the business units in understanding and acting on Standards, including support and review of procedures, hardening standards and directives.
  • Keep current with Information Security best practices and industry trends, and communicate/apply these practices to policy improvements and compliance actions.
  • Develop and maintain a thorough understanding of Information Security industry standards/trends, best practices, processes and technology; communicate information to team members as appropriate.
  • Support the Information Security Controls Team with analysis and evaluation of information security standards.
  • Other duties as assigned


  • Experience in the credit union/financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
  • Experience in information security processes, concepts, principles, and methodologies
  • Experience in audit and information security risk assessments
  • Knowledge of applicable federal and state laws, rules and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
  • Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20, PCI DSS, and other Information Security requirements and frameworks
  • Experience that demonstrates knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies
  • Effective planning and organizational skills
  • Effective research, analytical and problem solving skills
  • Strong verbal, written and interpersonal communication skills, including technical writing
  • Bachelor Degree in business, information systems or related field or equivalent work/military experience
  • CISSP, CISA, CCSP or other Information Security certifications
  • Ability to present findings and conclusions clearly and concisely
  • Experience in working with all levels of staff, management, stakeholders, and third parties
  • Ability to build effective relationships through rapport, trust, diplomacy, and tact
  • Strong word processing and spreadsheet software skills

** BRMi will not sponsor applicants for work visas for this position.**

**This is a W2 opportunity only**



We are an equal opportunity employer that values diversity and commitment at all levels. All individuals, regardless of personal characteristics, are encouraged to apply. Employment policies and decisions on employment and promotion are based on merit, qualifications, performance, and business needs. The decisions and criteria governing the employment relationship with all employees are made in a nondiscriminatory manner, without regard to race, religion, color, national origin, sex, age, marital status, physical or mental disability, medical condition, veteran status, or any other factor determined to be unlawful by federal, state, or local statutes. 


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed