Apply on Employer Site

Crestron Electronics · 5 hours ago

Information Security Analyst

Rockleigh, NJ

Full-time

Onsite

New Grad, Entry Level

$60K/yr - $84K/yr

0+ years exp

Crestron Electronics is the largest and most recognized brand in automation and control solutions, serving Fortune 500 businesses globally. The Information Security Analyst will advance the company’s Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with various standards, while collaborating with multiple teams to safeguard sensitive data.

Audio/Visual EquipmentConsumer ElectronicsManufacturingSmart Building

No H1B

Responsibilities

Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF

Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5)

Support internal policy review cycles, ensuring consistent version control and executive approval

Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews

Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.)

Support the development of risk metrics and dashboards for leadership reporting

Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure

Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected

Support data inventory and mapping efforts to improve visibility where critical data resides

Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams

Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls

Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.)

Maintain control documentation and track audit remediation activities

Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws

AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise

Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency

Collaborate with IT and legal teams to ensure that AI use complies with company policies

Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices

Support internal campaigns promoting secure data handling and ethical technology usage

Prepare metrics, dashboards, and presentations for leadership briefings

Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring

Stay informed about new threats, regulatory trends, and AI governance frameworks

Engage in ongoing professional development and certification opportunities

Qualification

Cybersecurity principlesRisk managementData governanceNIST CSFISO 27001GRC toolsAnalytical skillsMicrosoft ExcelMicrosoft PowerPointCommunication skillsDocumentation skills