Information Security Analyst
Anaheim, CA, US
Full Time | Mid-level / Intermediate | USD 75K - 90K
Willdan is seeking an Information Security Analyst for our Anaheim office. This is a hybrid role. The Information Security Analyst will be responsible for supporting cybersecurity initiatives and business processes. They will also provide support for cybersecurity certification, compliance, and audit efforts (ISO, SOC 2, SOX, etc.), cyber and privacy awareness training program initiatives, and Helpdesk and general IT security related functions, including but not limited to training, project team compliance coordination, and policy review and enforcement.
Essential Duties and Responsibilities
- Monitor helpline and reporting channels, applying standard operating procedures to determine next steps.
- Assist in the development, maintenance and execution of tools and processes to streamline and automate activities.
- Analyze processes and provide recommendations to improve efficiency.
- Develop and deliver materials for the enterprise Information Security awareness, communication, and education programs.
- Provide excellent customer service in support of program activities.
- Develop and maintain an ongoing relationship with control owners and key stakeholders including Information Security, IT, business lines, Internal Audit, and external third parties.
- Coordinate and facilitate with various groups to achieve end goals in a timely manner.
- Assist with the maintenance and update of program documents.
- Perform ongoing education and training in Information Security related areas.
- Compile results into reports or analytical products as required.
- Prepare metrics and analytics to support key functions.
- Coordinate ISMS activities with the project team.
- Ensure compliance with privacy regulations and contractual stipulations.
- Tasks will vary from structured (answering helpline/data analysis) to creative (maturing training and awareness initiatives).
- Ability to correlate data from logs or activities to enable quantitative analysis and metrics.
- Tasks can require originality and ingenuity to evaluate risks and determine appropriate and cost-effective controls to mitigate risk.
- Participate in brainstorming discussions and act in an advisory capacity.
Job Requirements / Qualifications
- Bachelor’s Degree or equivalent experience.
- Bachelor's Degree or a minimum of 2 years relevant work experience in Information Security, IT Risk Management, IT Governance, IT Audit, or Insider Threat.
- Relevant, industry-recognized security certification such as Security+, CISA, CISM.
- Attention to detail is a key success factor (accuracy outweighs speed).
- Knowledge of and familiarity with IT and Information Security control standards and frameworks (NIST, ISO 27001, SSAE16/SOC1/SOC2, etc.).
- Proficient in Microsoft Word, Excel, and PowerPoint.
- Team player with positive energy and strong customer service skills.
- Ability to work independently and demonstrate initiative.
- Ability to effectively manage multiple tasks.
- Ability to work effectively with internal and external parties (clients, partners, etc.) at all levels.
EEO Non-Discrimination and ADA Reasonable Accommodation Statement
Willdan is an equal opportunity employer. Applicants are considered for all positions without regard to race, religious creed, color, age, marital status, sex, sexual orientation, gender identity, gender expression, citizenship status, national origin, ancestry, religion, military service or veteran status, disability, medical condition, childbirth and related medical conditions, genetic testing, reproductive status or any other classification protected by federal, state or local laws and ordinances. Willdan does not discriminate on the basis of physical or mental disability where the essential functions of the job can be reasonably accommodated. Determinations on requests for reasonable accommodation will be made on a case-by-case basis. If you need reasonable accommodation for any part of the application and hiring process, please notify us.
Willdan Group, Inc. participates in E-Verify.