What are the responsibilities and job description for the Information Security Analyst position at Aptonet?
Job Opening: Information Security Analyst
π Location: Cary (Onsite/Hybrid β 3 days per week onsite; currently 2 days until construction completes)
πΌ Type: [Contract β specify as needed]
We are looking for a skilled Information Security Analyst to join our team in Cary. This role offers the opportunity to contribute to the testing and monitoring of information security (IS) controls, ensuring effectiveness, compliance, and resilience within a global, fast-paced environment.
Key Responsibilities
- Control Testing & Validation: Design and execute test cases to evaluate IS control design and operational effectiveness.
- Operational Delivery: Perform day-to-day IS control testing, manage deliverables, and ensure timely completion of scope items.
- Issue Management: Undertake testing assignments, draft findings, track issues, and validate remediation actions to closure.
- Reporting: Prepare high-quality test reports for senior management review and facilitate tracking of previous findings.
- Fieldwork & Documentation: Execute IS control effectiveness tests (process flows, risk identification, control testing) and document results in line with standards.
- Collaboration: Work closely with stakeholders, escalate issues when necessary, and engage with cross-functional teams to ensure a collaborative approach to IS testing.
Skills & Experience
- Extensive experience in Information Security, IT Security, or IT Audit (preferably in the financial industry).
- Proven background working in global, diverse teams across different time zones in a matrix environment.
- University degree in Computer Science, Information Technology, or a related field.
- Strong communication and professional presence, with the ability to engage across all organizational levels.
- Fluent English required; German language skills are a plus.
- Industry-recognized certifications (e.g., CISA, CISSP, CCSP, OSCP) are highly beneficial.
- Knowledge of IS threat analysis and frameworks (e.g., MITRE ATT&CK), cybersecurity standards (e.g., NIST, OWASP, ISO27001), and regulatory frameworks (e.g., KAIT, BAIT, ESMA cloud guidelines).
Why Join Us?
β Opportunity to work in a highly regulated, global financial environment.
β Exposure to cutting-edge security frameworks and standards.
β A collaborative, multicultural team with opportunities to grow and expand your expertise.
β Hybrid working model offering flexibility.
