
Sr InfoSec Compliance & Risk Analyst

Job in Milford, Worcester County, Massachusetts, 01757, USA
Listing for: Waters Corporation
Full Time position
Listed on 2026-05-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

Overview

Waters is seeking a driven and experienced Sr. Information Security Compliance and Risk Analyst to lead and advance our enterprise-wide GRC program, ensuring our security posture remains resilient, audit-ready, and aligned with industry-leading frameworks such as ISO 27001, SOC 2, NIST CSF, and CMMC. In this high-impact role, you will own risk assessments, compliance initiatives, and third‑party vendor evaluations, and conduct internal audits within the IT organization, while partnering with cross‑functional stakeholders to embed a culture of risk‑aware security accountability across the organization.

You will serve as a trusted advisor to IT leadership, translating complex regulatory requirements and emerging threats into clear, actionable strategies that protect our business and our customers. If you bring 5+ years of cybersecurity and GRC expertise, a sharp analytical mindset, and a passion for building world‑class security programs, we want to hear from you – certifications like CISSP, CISM, or CRISC are a strong plus.

Responsibilities

Information Security Governance & Risk Management

  • Lead and manage security compliance initiatives across the organization (e.g., ISO 27001, SOC 2, NIST CSF, CMMC, NIST AI RMF, etc.), including audit readiness, external certifications, and ongoing control maintenance.
  • Aid in the ongoing development of Waters GRC program by supporting and maturing Waters Corporate IT compliance efforts.
  • Assist our IT organization by determining appropriate security measures and by guiding the enterprise in implementing technical, operational and administrative controls throughout Waters IT ecosystem.
  • Coordinate in maintaining and developing Waters IT security documentation (policies, standards, architectures, designs, procedures, and guidelines), ensuring change control and document availability.
  • Contribute to the administration of Waters Information Security Management System.
  • Collaborate with internal stakeholders to ensure security policies and procedures are understood and followed.
  • Aid in monitoring regulatory changes and emerging risks; advise leadership on potential impacts and required actions.
  • Develop and deliver security awareness and compliance training programs.

Audit & Customer Response

  • Prepare and support internal and external audits, including evidence collection and response coordination.
  • Support responses to security questionnaires and demonstrate IT compliance with security frameworks.
  • Draft and maintain clear, consistent, and audit‑ready documentation, including policies, control responses, program updates and reports.

Governance Risk and Compliance Operations (GRC)

  • Participate in Waters third‑party risk management program, including vendor assessments, reviews, remediation follow‑up, and monitoring.
  • Participate in measuring and reporting on security risk to IT senior leadership and other key organizational stakeholders.
  • Maintain and improve the organization’s risk register and compliance documentation.
  • Conduct risk assessments and control gap analyses; develop mitigation strategies and track remediation efforts.
  • Support third‑party risk management by assessing vendor security practices and compliance.

Qualifications

Required Minimum:

  • 5 years of experience in cybersecurity, with a strong emphasis on governance, risk, and compliance (GRC).
  • Bachelor’s degree in Cybersecurity, Information Technology, Business, or a related field.
  • Strong knowledge of regulatory frameworks and standards (e.g., NIST, ISO, GDPR, NIS2, CMMC).
  • Excellent interpersonal skills and the ability to engage with diverse teams across all levels of the organization.
  • Experience with GRC tools and platforms.
  • Demonstrated success in communicating and promoting security initiatives.
  • Self‑starter with strong problem‑solving skills and a proactive mindset.
  • Working knowledge of information security and IT best practices.

Preferred:

  • Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
  • Project management skills.
  • Understanding of information security risk quantification practices.

Company Description

Waters Corporation (NYSE: WAT) is a global leader in analytical instruments, separations…
