Information Security Advisor-ImageQuest Franklin, TN

Lyra Technology Group is a family of industry leading technology service businesses. Our companies are operated independently by exceptional management teams. Companies that join our group retain the employees, name, and culture that have made them successful. As a platform of Evergreen Services Group, we never divest from businesses we partner with and approach every decision with the goal of driving sustainable and healthy growth over the long term.

Lyra Technology Group is looking for a full‑time Information Security Advisor to join the team at one of our operating companies, Image Quest in Franklin, TN. The Information Security Advisor will work to safeguard client’s data, infrastructure, and reputational integrity by collaborating with expert teams to develop, implement, and sustain tailored Information Security Programs and leveraging cutting‑edge security practices and ensuring adherence to industry‑specific regulations.

Image Quest provides best‑in‑class IT services, IT consulting, IT support, and IT compliance and cybersecurity services to clients in Nashville, TN. Our Cloud Computing services are carefully designed solutions that keep your team productive, secure, and compliant - wherever they work. Our Cloud Computing solutions can reduce or eliminate your IT capital expenses, give what equipment you do have a longer life, and covert IT expenses at a predictable monthly cost.

• Support the designated Chief Information Security Officer or Information Security Officer with special projects.
• Help develop and maintain the client’s Information Security Program.
• Create, update, and maintain written Information Security Policies and Procedures tailored to meet the unique needs of each client and industry standards.
• Participate in the collaboration with clients to ensure all policy and procedural documentation is current, accurate, and aligned with organizational goals.
• Work with the Director of Advisory Services to identify opportunities for enhancing security documentation processes and improvements to ensure effectiveness and compliance with evolving security threats.
• Assist clients in completing third‑party information requests, such as security questionnaires, ensuring accurate and thorough responses with the assistance of relevant teams.
• Provide clients with guidance on matters related to cyber insurance, tapping into internal resources and knowledge bases to deliver informed recommendations.
• Contribute insights into Advisory Services by participating in sales meetings and joining periodic business review calls with Relationship Managers, showcasing value to current and prospective clients.
• Based on client engagement, coordinate or support responses to actual security incidents by leveraging the Cyber Incident Response Plan (CIRP) and collaborating with incident response teams.
• Assist in the preparation and execution of the annual SOC 2 audit, providing necessary documentation and support.
• Lead and oversee annual risk assessments in compliance with regulatory requirements, identifying gaps and recommending corrective actions.
• Develop a risk register to track gaps and corrective actions.
• Develop and maintain a comprehensive calendar for risk assessments to ensure timely evaluations.
• Participate in the development and implementation of risk mitigation strategies pertaining to information security.
• Prepare a detailed Executive Summary, outlining the client’s current security posture and areas for improvement.
• Develop and uphold comprehensive written policies and procedures for Vendor Management, with focus on new vendors and ongoing monitoring.
• Support the Lead Information Security Advisor by coordinating vendor due diligence, ensuring consistent application of due diligence strategies across non‑banking and banking client assignments.
• Conduct non‑banking client vendor reviews, ensuring all documentation is current and compliant with company standards, and create summary for presentation to client.
• Create, review, and manage comprehensive written policies and…