Information Security Analyst

Supports protection of information assets by managing risks, enforcing policies, conducting security testing, and investigating incidents. Works with security teams and vendors to maintain a strong security posture and support audits and compliance.

Title: Systems Analyst, Projects

Duration: 12 months

Work Type: Full time, Contract

Industry: Banking & Financial Services

Work location: Hybrid (remote and in-office) – Applications open to Caribbean (CARICOM) residents

Role Overview: The Information Security Analyst supports the protection of the organization’s information assets by identifying and addressing security issues. Working closely with the Information Security team and third-party providers, the Analyst helps manage information security risks, enforce policies and procedures, conduct security testing and risk assessments, investigate incidents, assist with user training, and support audit activities. This role collaborates with server and network teams to maintain the company’s overall security posture.

Key Responsibilities:

Governance & Risk Management

• Support IT risk assessments, including security assessments, vulnerability scans, and penetration testing; track and validate mitigation efforts.
• Monitor compliance with security policies; escalate non-compliance issues for resolution.

Incident & Problem Management

• Assist in investigating and responding to security alerts from tools and third-party providers.
• Escalate critical events promptly and provide information for incident investigations.
• Support incident containment and mitigation activities.

Secrets Management

• Help process security profile requests and maintain security matrices under manager’s guidance.
• Assist with requests related to certificates, tokens, and keys, ensuring completeness and accuracy.

General Duties

• Collect data for security KPIs and risk indicators.
• Test new hardware and software for security compliance before deployment, conducting scans and escalating issues.
• Address security compliance alerts promptly within SLA.
• Perform other tasks as assigned.

Application & Cloud Security

• Assist with application security testing and coordination with third-party providers.
• Support cloud security activities and ensure testing results are properly documented.

Qualifications & Experience:

• Bachelor’s degree in Information Security, Computer Science, IT, or related field.
• Relevant certifications such as CompTIA Security+, CEH, or similar are advantageous.
• Minimum 2–4 years’ experience in information security or IT risk management, preferably in banking or financial services.
• Experience supporting risk assessments, vulnerability management, and incident response.
• Familiarity with security tools (e.g., IBM ISS), penetration testing, and compliance monitoring.
• Exposure to cloud security and application security testing is a plus

Key Competencies:

• Solid understanding of information security principles, risk management, and incident handling.
• Analytical skills to assess vulnerabilities and support mitigation efforts.
• Strong attention to detail and organizational skills.
• Good communication skills for collaborating with technical teams and management.
• Ability to work under guidance while managing multiple security tasks.
• Commitment to maintaining regulatory compliance and security best practices.