Analyst, Information Security Governance

Harvard Business Publishing (HBP) - the leading destination for innovative management thinking. We reach lifelong learners to improve the practice of management in a changing world. This mission inspires each of us to unlock the leader in everyone - including you!

The opportunity:

TheAnalyst, Information Security Governancewill ensure that HBPs operations and procedures meet secure standards. This role will research standards and policies, establish and communicate requirements, and work on Governance & Security related tasks.

The Information Security team has many roles, including oversight of security governance:

• Internal Audits
• Vendor Compliance
• Vulnerability Management
• Maintaining Governance Tools
• Advisors to the Business
• Data governance consultation
• Security vetting for technology
• Maintain Governance documentation

What you'll do:

• Assist in regular security governance assessments to better understand potential operational gaps within the organization that result in creation of remediation and corrective action plans
• Generate executive reports of audit findings and recommendations
• Monitor and report on vulnerability detection and remediation trends
• Assist with remediation tracking for penetration tests and other security findings
• Support different business units to understand and address security needs, and ensure standards are followed
• Collaboration with legal on compliance and privacy needs that involve legal reviews and recommendations
• Assist and support the Vendor Management Program (VMP) by performing security risk assessments of new HBP vendors, and reviewing vendor user access requests
• Research industry standards and new developments by reviewing bulletins and other sources of information
• Keep departments abreast of standards by writing and assisting in communicating guidelines
• Prepare reports by collecting, analyzing, and summarizing information
• Contributes to team effort by accomplishing related tasks as needed

What you'll bring:

• 2-3 years of experience in a similar role
• Knowledge of the ISO 27001 and NIST Cybersecurity standards frameworks
• Familiarity with CI/CD and SDLC processes and concepts
• Strong technical background is preferable
• Strong verbal and written communication skills
• Ability to work both independently and as part of a team
• Accountability, responsibility and ownership for assigned projects

You'll stand out if you have:

• Experience in JIRA
• AWS experience

What we offer:

As a mission-driven global company, Harvard Business Publishing is committed to fostering a culture of inclusion, trust, and engagement where everyone is welcome, valued, respected, and feels they belong. In addition to a competitive compensation and benefits package, we offer meaningful programs focused on career development and employee wellness, such as education reimbursement and early-release Summer Fridays!

HBP is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation, pregnancy and pregnancy-related conditions, or any other characteristic protected by law.

$80,000 - $85,000

Above is the annualized pay range for this position. In addition, this position includes the opportunity to earn our annual Performance Based Variable Pay Program. Actual salary will be set based upon a range of factors, including external benchmark market data, individual knowledge, skills, experience, location and internal equity.