What are the responsibilities and job description for the Information Security Analyst position at TAAUS Secure Technologies?
Company Description
TAAUS Secure Technologies is a New York-based cybersecurity leader specializing in designing and building secure, defensible environments for organizations in the government, industrial, and professional service sectors. We empower our clients to minimize risk and meet complex compliance standards through expert guidance and cutting-edge technology. Join us as we build the next generation of defensible enterprise environments.
Role Description
As an Information Security Analyst at TAAUS, you will play a pivotal role in ensuring the confidentiality, integrity, and availability of data for our clients in highly regulated sectors. Your mission is to move beyond simple monitoring; you will analyze security posture, manage risk frameworks, and ensure that our "defensible environments" remain compliant with NIST, HIPAA, and other critical standards. This role is ideal for a detail-oriented professional who enjoys the intersection of technical security controls and organizational policy.
Key Responsibilities
- Risk Assessment & Mitigation: Conduct periodic risk assessments and security audits to identify vulnerabilities in client infrastructure and business processes.
- Compliance Management: Map technical controls to regulatory frameworks (NIST CSF, HIPAA, CMMC) and assist clients in maintaining audit-ready documentation.
- Security Architecture Support: Collaborate with engineers to ensure that new deployments, from IAM (Okta/Azure AD) to Network Defense, align with security best practices and client policies.
- Incident Analysis: Investigate security breaches and "near-miss" incidents to identify root causes and provide actionable recommendations for preventing future occurrences.
- Vendor Risk Management: Evaluate the security posture of third-party vendors to ensure they meet TAAUS and client-specific security requirements.
- Vulnerability Management: Oversee the lifecycle of vulnerability detection and remediation, ensuring that patches and configuration changes are prioritized based on risk.
Preferred Qualifications
- Experience: 2–4 years in information security, IT audit, or a related GRC role.
- Education: Bachelor’s degree in Information Security, Management Information Systems (MIS), or a related field.
- Certifications: CompTIA Security+, CySA+, or progress toward CISA or CISSP.
- Knowledge Base: Strong familiarity with security frameworks (NIST 800-53 or ISO 27001) and an understanding of how technical controls (firewalls, encryption, MFA) satisfy compliance requirements.
- Communication: Exceptional ability to translate complex technical risks into clear, business-focused language for stakeholders.
Salary & Benefits
- Salary: Competitive annual salary, commensurate with experience and technical expertise.
- Future Planning: 401(k) retirement savings plan with company matching.
- Paid Time Off: Generous PTO policy, including vacation days, sick leave, and observed federal holidays.
- Professional Development: Reimbursement for relevant cybersecurity certifications (e.g., Security+, CySA+, CISSP) and access to ongoing technical training.
- Work-Life Balance: Flexible work arrangements, including hybrid office/remote options.
- Impactful Work: The opportunity to work at the forefront of the industry, defending critical infrastructure for high-profile clients.