Senior Cybersecurity Analyst

At Armanino, you determine your career path. This means it's possible to pursue challenges you are passionate about, in industries you care about.
** Job Responsibilities
*** Own and drive ISO 27001 certification efforts, including risk registers, nonconformities, and corrective actions.
* Support SOC 1 Type 2 audit readiness and remediation.
* Lead Quality Management System (QMS) audits.
* Assist with Data Loss Prevention (DLP) initiatives and assessments.
* Support Armanino’s Vendor Security Management Program.
* Evaluate, and monitor security systems, including firewalls, endpoint protection, intrusion detection, VPNs, and MFA solutions.
* Validate system configurations for compliance with security standards.
* Monitor server logs, network traffic, and security alerts, interpreting findings and recommending resolutions.
* Assess and implement necessary security reconfigurations, patches, or upgrades.
* Utilize Windows infrastructure knowledge (Active Directory, GPO, workstation fundamentals).
* Knowledge of cloud security fundamentals.
* Understand IT systems, networking, backups, cloud services, and general IT operations.
* Maintain awareness of privacy standards and frameworks (ISO 27701).
* Mentor other cybersecurity staff informally; collaborate as a peer with senior team members.
* Independently manage projects and compliance initiatives with minimal oversight.
* Report progress weekly to senior management, ensuring adherence to timelines and KPIs.
** Requirements
* ** Bachelor’s degree in Computer Information Systems, Cybersecurity, or a related field.
* Minimum 5 years of experience in cybersecurity, information security, or IT systems.
* CISSP or equivalent information security certification required.
* Proven hands-on experience driving ISO 27001 compliance (mandatory); exposure to SOC audits and ISO 27701 (privacy) preferred.
* Strong technical foundation in Windows infrastructure, networking, cloud systems, and IT operations.
* Familiarity with security technologies, including MFA, VPN, DLP, firewalls, endpoint protection, and intrusion detection systems.
* Exceptional written and verbal communication skills to engage stakeholders across all levels.
* Strong analytical, problem-solving, and critical-thinking skills to navigate complex security challenges.
* Ability to work independently, manage multiple initiatives, and drive outcomes with minimal supervision.
* Flexibility to work from home while collaborating in person half the time.
** Preferred Qualifications
*** Experience architecting end-to-end ISO 27001 programs.
* AI Management System (ISO 42001).
* Track record of implementing SOC audits or privacy programs.
* Familiarity with vendor security assessments and compliance documentation.*“Armanino” is the brand name under which Armanino LLP, Armanino CPA LLP, and Armanino Advisory LLC, independently owned entities, provide professional services in an alternative practice structure in accordance with law, regulations, and professional standards. Armanino LLP and Armanino CPA LLP are licensed independent CPA firms that provide attest services, and Armanino Advisory LLC and its subsidiary entities provide tax, advisory, and business consulting services.

Armanino Advisory LLC and its subsidiary entities are not licensed CPA firms.
** Armanino provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Armanino complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
** Armanino expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Armanino employees to perform…