×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Senior Information Assurance Analyst

Job in Burlington, Chittenden County, Vermont, 05405, USA
Listing for: NuHarbor Security Inc.
Full Time position
Listed on 2026-01-03
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand. Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders. We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.

The Role

The Senior Information Assurance (IA) Analyst is a senior resource supporting a long-term, strategic Governance, Risk, and Compliance (GRC) program with a designated client. This role works closely with service delivery teams, client stakeholders and third-party service providers to assess, mature, and operationalize GRC processes over the life of the contract.

The Senior IA Analyst performs hands-on delivery with limited oversight, serves as a subject matter expert in NIST-aligned risk and compliance practices, and supports the integration of GRC services into ongoing security operations. This role requires consistent collaboration, strong relationship management skills, and the ability to operate effectively within a multi-vendor environment.

What you’ll do

  • Lives by the NuHarbor values:
    Help Clients Win, Always Improve, Protect the House
  • Serves as a senior Information Assurance and GRC resource supporting a long-term strategic client engagement
  • Works directly with client stakeholders and third-party service providers to support ongoing GRC activities, assessments, and operational initiatives
  • Supports execution and continuous improvement of governance, risk, and compliance processes aligned to NIST principles
  • Leads application of NIST 800-53 and NIST risk management and assessment principles to identify control gaps and risks, and to develop, prioritize, and manage POA&M-driven remediation and risk reduction strategies.
  • Contributes to refinement of GRC workflows, reporting, and compliance tracking capabilities, and supports operational integration of GRC services across security operations and long-term delivery models
  • Participates in stakeholder meetings, workshops, and information gathering activities across the client and vendor ecosystem
  • Owns and develops GRC and security program documentation and artifacts, ensuring ongoing accuracy, consistency, and alignment to program requirements
  • Synthesizes and communicates risk, compliance, and control information in a clear, actionable, and audience appropriate manner.

Your foundation. The requirements for this role:

  • Bachelor’s degree and three ( 3 ) years of experience in cybersecurity, information assurance, or risk management roles.
  • In lieu of a degree, an additional two (2) years of experience in a related technology or risk management field and relevant industry certifications are required.
  • A t least 2 years of hands-on GRC specific experience supporting risk assessments, security control evaluations, compliance requirements and remediation efforts
  • Demonstrated expertise applying NIST frameworks and risk management principles to assess control implementation, evaluate risk posture, and identify compliance gaps
  • Demonstrated experience developing, prioritizing, and managing Plans of Action and Milestones (POA&Ms), including remediation planning and risk reduction activities
  • Demonstrated experience managing, building, or supporting workflows within a GRC platform, including risk, issue, and remediation tracking
  • Strong written and verbal communication skills with the ability to translate complex risk, control, and compliance concepts into clear, actionable language
  • Ability to manage and prioritize multiple concurrent work streams while maintaining focus on long-term program objectives
  • Ability to perform effective research and analysis through stakeholder interviews, workshops, and document review.
  • Must be a citizen of the United States

Additional capabilities that will differentiate you for this role:

  • Holds at least one industry accepted , relevant certification such as Security+, CISM,…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search