Sr InfoSec Compliance & Risk Analyst

Job in Milford, Worcester County, Massachusetts, 01757, USA
Listing for: Waters Corporation
Full Time position
Listed on 2026-01-09
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 97500 USD Yearly
Job Description & How to Apply Below

Job

Job Family: BT - Business Technology

Location:

US-MA-Milford

Pay Range Minimum: USD $97,500.00

Pay Range Maximum: USD $

Overview

This role will help lead enterprise-wide information security governance, risk, and compliance initiatives, which align to frameworks such as ISO 27001, SOC 2, NIST CSF, and CMMC. This role drives audit readiness, risk assessments, and third‑party vendor reviews while maintaining security documentation and supporting the organization's GRC program. The analyst collaborates with stakeholders to implement robust security controls, monitor regulatory changes, and deliver awareness training to strengthen the organization's security posture.

Responsibilities

Information Security Governance, Compliance, & Risk Management:

  • Lead and manage security compliance initiatives across the organization (e.g., ISO 27001, SOC 2, NIST CSF, CMMC, NIST AI RMF, etc.), including audit readiness, external certifications, and ongoing control maintenance.
  • Aid in the ongoing development of Waters' GRC program by supporting and advancing Waters' IT compliance efforts.
  • Assist our IT organization by determining appropriate security measures and guiding the enterprise in implementing technical, operational, and administrative controls throughout Waters' IT ecosystem.
  • Coordinate the maintenance and development of Waters' IT security documentation (policies, standards, architectures, designs, procedures, and guidelines), ensuring change control and document availability.
  • Contribute to the administration of Waters' Information Security Management System.
  • Collaborate with internal stakeholders to ensure security policies and procedures are understood and followed.
  • Aid in monitoring regulatory changes and emerging risks; advise leadership on potential impacts and required actions.
  • Develop and deliver security awareness and compliance training programs.

Audit & Customer Response

  • Prepare and support internal and external audits, including evidence collection and response coordination.
  • Respond to security questionnaires and demonstrate IT compliance with security frameworks.
  • Draft and maintain clear, consistent, and audit‑ready documentation, including policies, control responses, program updates and reports.

Risk Assessment and Quantification:

  • Participate in Waters' third‑party risk management program, including vendor assessments, reviews, remediation follow‑up, and monitoring.
  • Participate in reporting on security risk to IT senior leadership and other key organizational stakeholders.
  • Maintain and improve the organization's risk register and treatment plans.
  • Conduct risk assessments and control gap analyses; develop mitigation strategies and track remediation efforts.

Qualifications

Required Minimum:

  • 5 years of experience in cybersecurity, with a strong emphasis on governance, risk, and compliance (GRC).
  • Bachelor's degree in Cybersecurity, Information Technology, Business, or a related field.
  • Strong knowledge of regulatory frameworks and standards (e.g., NIST, ISO, GDPR, NIS2, CMMC).
  • Excellent interpersonal skills and the ability to engage with diverse teams across all levels of the organization.
  • Experience with GRC tools and platforms.
  • Demonstrated success in communicating and promoting security initiatives.
  • Self‑starter with strong problem‑solving skills and a proactive mindset.
  • Possess a working knowledge of information security and IT best practices.

Preferred:

  • Professional certifications such as CISSP, CISM, CRISC, CGRC, FAIR or similar are highly desirable.
  • Project management skills.
  • Understanding of information security risk quantification practices.

Company Description

Waters Corporation (NYSE: WAT) is a global leader in analytical instruments, separations technologies, and software, serving the life, materials, food, and environmental sciences for over 65 years. Our company helps ensure the efficacy of medicines, the safety of food and the purity of water, and the quality and sustainability of products used every day. In over 100 countries, our 7,600+ passionate employees collaborate with customers in laboratories, manufacturing sites, and hospitals to accelerate the benefits of pioneering science.

Diversity and inclusion are fundamental to…
