Senior Analyst, Information Assurance jobs in United States

EAB · 1 day ago

Senior Analyst, Information Assurance

EAB is dedicated to making education smarter and communities stronger, partnering with over 2,800 institutions to drive change through data-driven insights. The Senior Analyst, Information Assurance will assess risks associated with EAB's technology applications and third-party service providers, support business continuity management, and contribute to information security audits and training.

Higher Education
No H1B

Responsibilities

Plan and execute the day-to-day activities of Information Technology (IT) audit engagements, including scope development and developing annual audit plans
Perform IT risk assessments and audits of internal initiatives and critical third party/vendor relationships against criteria descending from industry standard information security frameworks and industry regulations, such as ISO/IEC 27001, NIST SP 800-53, FAIR, SSAE 18 SOC II Type I and Type II, DoD compliance frameworks (e.g., NIST 800-171, CMMC, FedRAMP), NIST CSF, FERPA, and privacy regulations like GDPR and CCPA
Review vendor security documentation, questionnaires, and attestations; assess risk impact and recommend risk treatment options
Support RFPs/security questionnaires (HECVATs, CAIQ, custom questionnaires) from clients with clear SLAs and maintain upkeep of Security & Compliance Trust portals
Support security assessments for DoD or federally funded service offerings, including understanding data classification and safeguarding requirements
Evaluate the design and effectiveness of technology controls throughout the business cycle
Identify control gaps and risks, recommend mitigation strategies, and track remediation activities through closure
Communicate IT audit findings and mitigation strategies to senior management, technology leaders, and the CISO
Help identify performance improvement opportunities across EAB business units
Assist in the development of risk treatment plans to address areas of strategic and tactical IT and information risks in both business operations and technology paradigms
Assist with the development and maintenance of information security policies and standards
Support development and maintenance of an information security compliance and metrics program for consistent management reporting of risks to sensitive information and technology resources across the enterprise
Help with prospective hiring and mentoring opportunities as the program scales and grows

Qualification

IT auditing, Information security frameworks, Risk management, Cloud infrastructure, CISSP certification, CISA certification, CISM certification, GRC tooling, Interpersonal skills, Problem-solving, Communication skills, Leadership skills, Time management

Required

Bachelor's degree in Computer Science, Information Systems, or equivalent professional experience
Minimum of 3+ years of experience as an IT auditor, security analyst, or related field
Knowledge of information security and IT risk management concepts and practices including frameworks and regulatory regimes
Ability to work in a fast-paced business environment with global, geographically distributed teams
Strong understanding of cloud infrastructure and cloud-based SaaS environments
Exceptional interpersonal skills with ability to gain the confidence and respect of technology leaders and senior level executives
Excellent organizational direction, time management, problem-solving, prioritization, leadership, and interpersonal skills while proactively seeking input
Strong leadership and communication skills, technical knowledge, and the ability to write at a publication-quality level to communicate findings and recommendations to EAB's senior management team
Comfortable collaborating with IT, Product, Legal, and Commercial teams to drive sales enablement opportunities
A desire to learn new skills, research new technologies, and get better every day

Preferred

Professional experience in conducting IT or operational risk assessments or IT auditing through examination and analysis of internal controls and business risks
Experience in supporting security compliance as the internal compliance resource of physical and cloud-based infrastructure
Experience with planning internal audit procedures and preparing final reports for senior management and the CISO
Familiarity with the usage of modern GRC tooling (i.e., Drata, Vanta, ServiceNow, RSA Archer) to facilitate development of information asset inventories, risk and compliance assessments, risk metrics collection, and risk reporting
Experience with enterprise business continuity planning and testing activities
Experience with building out and managing an organization's Security and Compliance Trust Centers
Experience developing information security policy, security awareness and training content, and supporting materials
Experience delivering information security awareness training to technical and non-technical audiences
Willingness to learn new things and take on additional responsibilities across multiple information security and privacy domains
CISSP, CISA, CRISC, CISM, AWS or GCP cloud certifications, other information security or IT auditing certifications
Experience with risk and controls frameworks including ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST SP 800-53, SSAE 18 SOC II Type I and Type II audits, DoD compliance frameworks (e.g., NIST 800-171, CMMC, FedRAMP), FERPA, and privacy regulations like GDPR and CCPA
Familiarity and experience with the FAIR (Factor Analysis of Information Risk) model for quantifying information risk
Commitment to embracing a continual learning environment and contributing to a dynamic and welcoming culture of fairness, authenticity, and belonging in support of EAB's mission, values, and aspiration

Benefits

Medical, dental, and vision insurance plans; dependents and domestic partners eligible
20+ days of PTO annually, in addition to paid firm and floating holidays
Daytime leave policy for community service and flextime for fitness activities (up to 10 hours per month each)
401(k) retirement savings plan with annual discretionary company matching contribution
Health savings account, healthcare and dependent care flexible spending account, and pre-tax commuter plans
Employee assistance program with counseling services and resources available to all employees and immediate family
Wellness programs including gym discounts, incentives to promote healthy living, and family access to the leading app for sleep, meditation, and relaxation
Fertility treatment coverage and adoption or surrogacy assistance
Paid parental leave with phase back to work program for birthing and non-birthing parents
Access to milk shipping service to support nursing employees during business travel
Discounted pet health insurance coverage for dog and cat family members
Company-provided life, AD&D, and disability insurance
Financial wellness resources and membership in a robust employee discount program
Access to employee resource groups, merit-based advancement, and dynamic professional growth opportunities

Company

At EAB, we are insight-chasers and innovators, and our teams are as diverse as the problems we solve.

Funding

Current Stage
Late Stage

Leadership Team

James (Jim) Mathews
Chief Technology Officer
Michael Kirshbaum
Chief Financial Officer
Company data provided by crunchbase