Analyst, Information Security

• Act as a subject matter expert on information security and ITSM industry best practices, standards, frameworks, and regulatory guidance
• Collaborate with cross-functional teams to help maintain standards, procedures, and evidence documentation
• Facilitate the change management process and production deployment evidence reviews
• Monitor, report, and assess the effectiveness of performance and conformance controls
• Facilitate information security training and awareness campaigns
• Coordinate the collection of evidence to support IT audits and examinations
• Maintain control mappings and perform gap analyses to drive continuous program improvement
• Identify, propose, and implement process improvement for information security processes

We are looking for an Information Security Analyst to help ensure demonstrable adherence to applicable IT governance requirements across multiple ITSM and information security processes. You will work effectively and efficiently with cybersecurity, engineering, product, and IT operations teams at various levels of the organization. The ideal candidate is self-motivated, solutions-oriented, detail-focused, and an independent thinker. You possess a strong understanding of the software development lifecycle (SDLC), change management, and IT risk management. You can quickly grasp complex technical concepts and can make them easily understandable in discussions, presentations, and high-quality documentation., Must Have:

• Exceptional written and verbal communication skills, with the ability to present complex information in a clear and concise manner to diverse audiences
• 3+ years of relevant experience in roles such as cybersecurity analyst, IT auditor, software engineer, IT business analyst, IT systems analyst, IT product owner, technical product manager, or IT project manager
• Strong understanding of the software development lifecycle (SDLC), change management, and/or IT risk management

Preferred:

• Undergraduate or graduate degree in computer science, cybersecurity, information assurance, business administration, or a closely related field
• Professional certificates or certifications such as ITIL 4 Foundation, ISO/IEC 27001 Foundation, CompTIA Security+, ISC2 CC, ISC2 CGRC, or ISACA CRISC
• Familiarity with regulatory guidance, standards, and frameworks such as the FFIEC IT Handbook, SOC 1/2, PCI DSS, COBIT 2019, and ITIL
• Experience working in a highly regulated environment such as financial services, military, or healthcare

Cross River builds the infrastructure behind the world's most innovative financial products. Our technology and capital solutions power payments, cards, lending, and digital asset capabilities that move money safely, instantly, and inclusively - trusted by leading fintechs, enterprises, and disruptors across the globe. Our mission is simple: to build the financial infrastructure that expands access and opportunity for all. Guided by a culture of collaboration, curiosity, and purpose, Cross River has been named one of American Banker's Best Places to Work in Fintech year after year. Whether you're designing code, solving regulatory puzzles, or developing strategy, you'll join a team where innovation and integrity drive everything we do - and where your work helps shape the future of finance.