Citrin Cooperman is one of the largest accounting and consulting firms in the United States, and 4th among mid-Atlantic firms, with over 2,500 employees in 22 U.S. and International offices. This year, we were rated one of the Top 50 Best Companies to work for according to Vault.com. We are always looking for new team members who bring a fresh perspective, technical expertise, and a passion for solving problems. At Citrin Cooperman, we offer you the flexibility to take your career to the next level and still allow you to focus on what matters to you!

Position Responsibilities:

Reporting to the Director - Information Security Officer, the Information Security Analyst plays a crucial role in assessing and enhancing our Information Technology controls environment. The information Security Analyst will work with the team and will be responsible for various key functions within the InfoSec team, including:

1. Daily Risk Management
   • Actively participate in daily risk meetings, involving the comprehensive review of multiple intelligence sources, such including but not limited to, , CISA bulletins, Infragard flash reports, and more.
   • Conduct thorough reviews and analysis of InfoSec alerts generated by various security tools to identify potential threats.
2. Documentation and Compliance
   • Assist in the creation of a documentation library, standardized templates, maintenance of the library/SharePoint site, and assist the team with completing current and prospective client due diligence questionnaires.
3. Change Management Collaboration
   • Regularly participate in weekly Change Management Meetings to coordinate technology related changes and updates effectively.
4. Imaging and Deployment Expertise
   • Assist the team with reviewing the current Windows desktop imaging standard.
   • Participate in audits of the images.
5. Collaboration and Partnerships
   • Collaborate closely with internal teams to establish and maintain security controls for early detection and risk monitoring.
   • Build relationships and liaise with external partners, vendors, internal groups, and the Security Information and Event Management (SIEM) system to assess security controls, provide guidance, and mitigate potential risks.
6. Information Security Training Compliance
   • Asist in the scheduling and monitoring compliance to the mandated monthly Information Security training, ensuring participation and reporting.
7. Staff Education and Awareness
   • Collaborate with the Information Security Officer to deliver educational sessions to staff on selected security related topics, fostering a culture of security awareness.
8. Incident Response
   • Demonstrate readiness to respond to security incidents, taking the lead or participating as required, day or night, including alerts from staff, Security Information and Event Management (SIEM) systems, or other monitoring systems.
9. Business Continuity and Disaster Recovery Testing
   • Actively participate in Business Continuity Planning (BCP) and Disaster Recovery (DR) Testing, meticulously documenting results, and assessing overall performance to ensure operational resilience.
10. SOC Audit Preparation
    • Contribute to the preparation and creation of necessary artifacts and work products for SOC (Security Operations Center) audits.
11. Control Environment Assessment
    • Collaborate closely with the team to design and execute strategic tests for assessing our control environment. These assessments will involve the use of specialized tools and applications.
12. InfoSec Toolset Familiarity
    • Gain a comprehensive understanding and familiarity with our current InfoSec toolset.
13. Phishing Testing
    • Assist in the coordination and execution of targeted phishing testing exercises to evaluate the organization's resilience to social engineering threats, working proactively to enhance security awareness.

Qualifications:

Education:

• Bachelor's degree or equivalent professional experience

 Experience:

• Minimum of 1 year of experience in systems administration, network monitoring, or computer and network systems.
• Minimum of 1 year of experience in the field of Information Security (InfoSec).

Communication Skills:

• Strong verbal and written communication skills.
• Interpersonal skills for effective collaboration within the team and communication with stakeholders.

Identity and Access Management:Active Directory

• Exposure and familiarity with active directory user permissions, groups, and domains.
• Understanding of IAM tools and concepts
• Understanding of Role-based Access Control methods (PIM, PAM).Password Management
• Understanding of Enterprise, Desktop, Cloud-based, and SSO password management and vaulting principles.

 Network Security:

• Understanding/experience with network security architecture
• Understanding/experience with IPS/IDS, WAN, VPN, Routers, Firewalls, Ethical Hacks on LAN’s.

 SIEM SOC Technology:

• Understanding/experience with any managed or in-house SIEM.

InfoSec Tools:

• Experience with tools (i.e., virus/malware, CASB, DLP, Email, etc.).

 Key Skills:

• Quick Decision Making: Ability to react quickly, decisively, and deliberately in high-stress situations.
• Motivated and Team-Oriented: A highly motivated individual with the ability to self-start, prioritize tasks, multitask effectively, and work collaboratively in a team setting.

Certifications:

• One or more of the following certifications are preferred:
  1. CISSP
  2. CISA
  3. GCIA

About Citrin Cooperman

Citrin Cooperman is one of the nation’s largest professional services firms. Citrin Cooperman & Company, LLP, a licensed independent CPA firm that provides attest services and Citrin Cooperman Advisors LLC which provides business advisory and non-attest services, operate as an alternative practice structure in accordance with the AICPA’s Code of Professional Conduct and applicable laws, regulations, and professional standards. Clients are in all business sectors and leverage a complete menu of service offerings. The entities include more than 400 partners and over 2,500 employees across the U.S. 

This will further cement our mission to be the go-to regional and national professional services firm of choice that middle-market clients can depend on for the core assurance, tax, and strategic business consulting and advisory services that will bring value, enhancing their business and personal aspirations. 

For more information, please visit citrincooperman.com and be sure to follow us on LinkedIn, Twitter, Facebook, Instagram, and YouTube.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, age, disability, protected veteran status, or any other characteristic protected by law.

For positions in New York and California, the salary range is $65,000 -- $75,000. Actual compensation within that range will be dependent upon the individual's skills, experience, qualifications, and applicable laws.