Cybersecurity Analyst III

Job Summary

The governance, risk, and compliance (GRC) cybersecurity analyst is responsible for supporting the cybersecurity direction of the business and advancing the company’s cybersecurity posture. 

The ideal candidate possesses four plus years of experience in cybersecurity, compliance or risk management. The role assists the Director with the business’ security requirements and obligations mandated by standards and regulations such as Sarbanes-Oxley Act (SOX), and CMMC. In tandem with security leadership, the GRC cybersecurity analyst consistently assesses and validates the assurance of the security program. The GRC cybersecurity analyst monitors progress and enforces resolution of outstanding audit and risk issues that may lead to non-compliance or security threats to the business.

Reports to the Director Cybersecurity GRC.

Job Responsibilities:

• Identify strengths and weaknesses in the cybersecurity program as they relate to cybersecurity, business resiliency and compliance frameworks.
• Document, formulate and enforce areas of cybersecurity improvement that balance risk with business operations and do not diminish efficiencies or innovation.
• Maintain strong oversight of third parties, vendors and business partners to safeguard against undue risk presented by external entities. Escalate to cybersecurity leadership when points of weakness are discovered.
• Analyze findings, and document, recommend and report program gaps to security leadership.
• Monitor current and proposed cybersecurity changes impacting regulatory and security industry best practice guidance.
• Assist the Director in developing metrics to assess the success of the security program and provide regular reports to cybersecurity leadership.
• Work in tandem with cybersecurity, leadership to perform ongoing security program assessments.
• Liaison with auditors, both internal and external, to maintain and implement controls.

Required Qualifications:

• Typically requires a minimum of 3-5 years of experience in cybersecurity as a practitioner with exposure to security frameworks.
• Bachelor’s Degree in Computer Science, Information Assurance, MIS or related field.
• Strong business acumen and cybersecurity technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.
• Experience and understanding of various regulatory requirements and laws (ex., SOX, ISO 27001/2, NIST, etc.)
• Knowledge of cloud environments such Amazon Web Services (AWS).
• Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements.

Preferred Qualifications:

• Holds or is working toward one or more of the following: CISSP, CRISC, CISA.

“This position requires you to have or obtain a government security clearance. Security clearances may only be granted to U.S. citizens.”

Mercury Systems is a technology company that makes the world a safer, more secure place. We push processing power to the tactical edge, making the latest commercial technologies profoundly more accessible for today's most challenging aerospace and defense missions. From silicon to system scale, Mercury enables customers to accelerate innovation and turn data into decision superiority. Headquartered in Andover, Massachusetts, Mercury employs more than 2,300 people in 24 locations worldwide. To learn more, visit mrcy.com

Our Culture

We are committed to making Mercury a great place to work, no matter where our employees are located. We offer a casual and enjoyable atmosphere that allows employees to learn and grow. We help and care for one another and work as one to achieve results for us and for our customers. We value communication and transparency, and strive to foster two-way dialogue at all levels of the organization. We are committed to lifelong learning, offering comprehensive skills training and tuition reimbursement. Whether you're just starting out on your career journey or you are an experienced professional, it's important to us that you feel recognized and rewarded for your contributions.

To find out more about Why Mercury?, or visit the Mercury Community or find answers to general questions at Mercury FAQs

Mercury Systems is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, protected veteran or marital status.

As an equal opportunity employer, Mercury Systems is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact the number below for assistance.

(978) 256-1300

Click here read about our recent press release.