Principal Research Analyst - Information Security jobs in United States
cer-icon
Apply on Employer Site
company-logo

ISACA · 2 days ago

Principal Research Analyst - Information Security

positionUnited States
timeFull-time
remoteRemote
seniorityLead/Staff
money$109K/yr - $164K/yr
date8+ years exp

ISACA is a global leader in technology trust, dedicated to empowering its members in various fields including information security. The Principal Research Analyst - Information Security will lead the development and delivery of high-quality content while serving as a subject matter expert and representing ISACA at industry events.

AssociationInformation TechnologyIT ManagementNetwork SecurityNon Profit
check
H1B Sponsor Likelynote

Responsibilities

Lead the creation, review, and delivery of content including articles, audit programs, whitepapers, secondary research reports, and practitioner aids
Ensure content aligns with ISACA’s Professional Practices Program Strategy and industry standards
Provide input on materials, frameworks, and references to maintain high-quality outputs
Serve as internal SME within assigned professional practice (e.g., audit, emerging tech, GRC, information security, privacy)
Recruit, mobilize, and manage volunteer SME groups to co-develop and validate ISACA content
Provide guidance and leadership during content and research project cycles e.g., exam prep materials, journal articles
Represent ISACA at industry events, panels, podcasts, and webinars to promote the organization’s research and frameworks
Evaluate conference proposals and review final presentations for technical and strategic accuracy
Respond to member and partner technical inquiries within area of practice
Maintain up-to-date knowledge by attending professional seminars, reviewing literature, and monitoring trends
Partner with business units, marketing, and events teams to ensure consistent, relevant integration of practice-area content across conferences, webinars, podcasts, and publications
Collaborate with ISACA leadership to align professional practice content with organizational messaging and priorities
Support ISACA’s marketing and brand-building efforts through strategic communication and collaboration
Participate in activities that foster partnerships and elevate ISACA’s visibility and credibility in the global ecosystem

Qualification

Information SecurityCybersecurity FrameworksCloud SecurityVendor ResearchPublic SpeakingBusiness WritingStakeholder EngagementCritical ThinkingAnalytical SkillsResearch SkillsContent DevelopmentAI TechnologiesThreat ModelingCISM CertificationCISSP CertificationCollaborationProject Management

Required

Bachelor's Degree in a relevant field of study from an accredited university, or an equivalent combination of education and experience
Minimum of 8 years of experience in a similar role or capacity, with a demonstrated record of success
Experience responding to stakeholder inquiries, providing expert guidance and practical interpretation of industry practices and trends
Proven experience collaborating cross-functionally with business teams
Additional 5+ years of enterprise information security program experience; must include recent experience (within past 24 months) securing modern, hybrid enterprise environments
Familiarity with common frameworks and taxonomies (NIST CSF, MITRE ATT&CK, ISO 27001, CIS controls)
Deep working knowledge of core cybersecurity domains (network, endpoint, IAM, cloud, application security, incident response)
Knowledge of cloud platforms and cloud control frameworks (AWS/Azure/GCP and cloud audit considerations)
Experience conducting secondary research and reporting
Track record of public-facing thought leadership: conference speaking, webinars, podcasts, or published articles
Vendor and market research – evaluating products, mapping capabilities, and performing competitive analysis
Critical thinking, collaboration, and cross-functional stakeholder engagement
Business writing
Proven ability to translate research into content deliverables: verbal presentations or written reports
CISM or CISSP

Preferred

Master's Degree in Cybersecurity, Computer Science, Information Systems, or related field from an accredited university
10+ years of experience in a similar role or capacity, with a demonstrated record of success
Related experience in regulated industries (finance, healthcare, energy) or working with regulators and compliance programs
Direct involvement with procurement, implementation, and operationalization of AI technologies
Experience with threat intelligence, detection engineering, or malware/attack analysis
Experience performing threat modeling

Company

ISACA

twittertwittertwitter
company-logo
ISACA Irish Chapter is an independent, non-profit, global association engaged in the development, adoption, and use of industrial knowledge.
dateFounded in 1998
location
Rolling Meadows, Illinois, USA
people-size201-500 employees
web-link
http://www.isaca.org

H1B Sponsorship

ISACA has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2022 (1)
2021 (1)

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Erik Prusch
Chief Executive Officer
linkedin
leader-logo
Simona Rollinson
Chief Operating Officer
linkedin

Recent News

Business Wire
ISACA to Lead Global Credentialing for CMMC Cybersecurity Framework as International Cyber Readiness Standards Rise
2025-12-17
Business Wire
ISACA Authorized as the CAICO for the US Department of War’s CMMC Program
2025-12-17
Business Wire
ISACA, Nasscom Join Hands to Standardize Digital Skills for India’s Workforce
2025-12-10
Company data provided by crunchbase