Information Security Specialist

Key Responsibilities

• Policy & Program Support:
  Assist in drafting, editing, and maintaining cybersecurity policies, standards, and procedures to ensure clear, consistent, and aligned documentation.
• Inherent Risk Assessment Coordination:
  Support the facilitation and documentation of Information Security Business Impact Assessments by collaborating with business units to gather and organize input.
• Client & Third-Party Requests:
  Help prepare responses to client security questionnaires and due diligence requests, ensuring timely and accurate information delivery.
• Cybersecurity Awareness:
  Contribute to the planning and execution of awareness campaigns, including drafting communications, coordinating logistics, and tracking engagement to represent the security team in a visible, interactive role.
• Regulatory & Audit Support:
  Organize and maintain documentation to support audits, assessments, and regulatory reviews, tracking deliverables and following up with stakeholders as needed.
• Cyber Maturity Tracking:
  Assist in collecting and organizing data for cyber maturity assessments, identifying trends and supporting reporting.
• Collaboration & Communication:
  Work closely with internal teams including Privacy, Legal, Compliance, Third Party, and Risk to ensure alignment and smooth execution of policy and program initiatives.
• Documentation:
  Create clear, professional documentation to support transparency, accountability, and informed decision-making.

• Bachelor’s degree in Cybersecurity, Information Security, Communications, Business, or related field (or equivalent experience).
• 3+ years of experience in a cybersecurity, risk, compliance, or program support role.
• Foundational understanding of cybersecurity principles, frameworks, and regulatory requirements (e.g., NIST, ISO, GLBA, FFIEC).
• Excellent writing, editing, and communication skills.
• Strong interpersonal and collaboration skills; able to work effectively with diverse teams and stakeholders.
• Critical thinking, attention to detail, and strong organizational skills.
• Experience supporting awareness or training programs is a plus.
• Familiarity with GRC tools or security documentation platforms is a plus.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.

At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.