Information Security Analyst

Join to apply for the Information Security Analyst role at Crestron Electronics

At Crestron Electronics, Inc we build the technology that integrates technology. We are proud to be the largest and most recognized brand in automation and control solutions, and the premier technology partner for fortune 500 businesses globally. Our products are integrated into new high‑tech commercial buildings to include some of the most exciting real estate throughout the world. Our clients include Google, Microsoft, Amazon, Linked In and many others.

We are the leaders in the most exciting industry in the world!

Our automation and control solutions for homes and buildings allow our clients to control entire environments with the push of a button, integrating systems such as Audio Visual, Lighting, Shading, Security, Building Management Systems and HVAC to provide greater comfort, convenience and security.

The Information Security Analyst plays a key role in advancing the company’s Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands‑on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks.

In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies.

• Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF.
• Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800‑53 Rev 5).
• Support internal policy review cycles, ensuring consistent version control and executive approval.

• Participate in enterprise risk assessments, including third‑party, application, and AI model risk reviews.
• Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, Service Now GRC, One Trust, Vanta, etc.).
• Support the development of risk metrics and dashboards for leadership reporting.
• Learn to evaluate AI‑related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure.

• Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected.
• Support data inventory and mapping efforts to improve visibility where critical data resides.
• Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams.
• Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls.

• Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.).
• Maintain control documentation and track audit remediation activities.
• Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data‑related laws.

• Contribute to inventories of AI tools and use cases across the enterprise.
• Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency.
• Collaborate with IT and legal teams to ensure that AI use complies with company policies.

• Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices.
• Support internal campaigns promoting secure data handling and ethical technology usage.
• Prepare metrics, dashboards, and presentations for leadership briefings.
• Participate in projects that automate or streamline GRC…