Information Security Analyst - Risk and Privacy (Boston)
QuantumBlack is seeking a high-performing, self-motivated, and team-oriented individual to join its Risk team. This individual will be instrumental in developing, implementing and executing critical components of the Firm’s information security and risk management program.
This is a challenging and pivotal role in the internal operations of a rapidly growing, global Firm practice.
This role offers an excellent opportunity for the candidate to be entrepreneurial, creative, and have a direct impact on the bottom line by ensuring advanced analytics consultations are conducted in accordance with internal and external/client requirements. For this exciting and high-profile role, we are seeking an individual with strong subject-matter expertise, people skills, ability to prioritize, attention to detail, and commitment to client service.
You will be responsible for developing and driving Risk initiatives which are critical to shaping our client service delivery and internal operations.
Responsibilities will evolve as the practice grows and the Analyst will continue to shape the role’s priorities in collaboration with team leadership. However, primary role responsibilities will include:
- Supporting and enabling Firm analytics practitioners (consultants)
- Executing risk assessments of new consulting projects and implementing appropriate risk mitigation
- Monitoring internal analytics community operations and delivering real-time support
- Participating in client discussions and facilitating security/privacy/compliance attestation efforts
- Developing and maintaining partnerships with Firm analytics practitioners
- Collaborating with local office IT Managers and data environment (e.g., cloud platform) administrators
- Developing, documenting and driving Risk program maturation activities
- Collaborating with enterprise teams and other Firm risk stakeholders
- Contributing to program and enterprise policy/guidance development and periodic revisions
- Monitoring external landscape (i.e., industry, regulatory) and communicating relevant updates back to Risk team
- Drafting leadership communications/presentations
- Facilitating external risk and compliance assessments; and, where appropriate, leading subsequent remediation plans
- Driving program development/management initiatives and other special projects
- Delivering timely and impactful risk-themed training and awareness to Firm analytics practitioners
- Developing risk-themed guidance and resources
- Bachelor’s degree; graduate degree desirable
- Strong background in fields of information security, privacy and regulatory compliance
- Proficiency in industry/regulatory frameworks and guidance – e.g., ISO27001, NIST, SSAE 18, GAPP, CSA, HIPAA, GDPR
- Industry certifications – e.g., CIPP, CISSP, CRISC, CISM, CGEIT, GIAC
- Exemplary ability to cultivate trust-based relationships
- Strong analytical skills, and proficiency in MS Office suite
- Excellent problem solving, organizational skills and keen attention to detail
- Prior professional-service experience desirable
- Flexibility for moderate travel and some work outside of standard office hours