Information Security Analyst

InEight is a leader in construction project controls software, empowering over 850 companies taking on challenging projects in industries including construction and engineering; transportation infrastructure; mining; water; power and renewables; and oil, gas and chemical. Uniquely suited to capital construction and other complex work, our integrated modular software manages projects with over $1 trillion globally. Based in Scottsdale, Arizona, InEight supports a remote work model with employees working throughout the United States, Canada, Australia, Sri Lanka and Europe. InEight, an ISO 9001:2015-registered company, is a subsidiary of Kiewit Corporation (Kiewit). Kiewit, through its subsidiaries, is one of North America’s largest and most respected construction and engineering organizations. InEight is a fast-paced, innovative company comprised of high-energy teams of self-starters playing integral roles in shaping the future of capital projects around the world.

We offer our fulltime employees a comprehensive benefits package that includes top-tier medical, dental and vision plans covering eligible employees and dependents, voluntary wellness and employee assistance programs, life insurance, disability, retirement plans with matching, and generous paid time off.

The Information Security Analyst will be involved in developing information security and privacy policies and procedures. They will plan and develop policies and procedures to protect sensitive data and systems from infiltration and cyber-attacks. They will ensure appropriate security controls are in place to safeguard digital files and vital electronic infrastructure and respond to computer security breaches and viruses. The role focuses on compliance and governance requirements to ensure the company meets standards and will be familiar with cloud and virtualization technologies; with special requirements needed to secure public cloud environments. The individual should be able to work with a close-knit team in a fast-paced, dynamic environment and make recommendations based on business needs, compliance needs, and security requirements.

• Ensure compliance with industry standards (e.g., FedRAMP, ISO 27001, IRAP, NIST, SOC 2)
• Develop policies and SOP documentation
• Conduct vulnerability assessments and implement remediation strategies by assigning tickets or tasks to correct business units
• Monitor cloud and local environments for compliance conformity and develop Microsoft Purview and Priva policies and reporting to ensure continuous improvement
• Implement and manage data and privacy protection processes
• Conduct internal audit, risk assessment, and business impact analysis
• Plan and oversee remediation of audit findings from previous audits
• Manage and update risk register and mitigation plans
• Complete and track Information security questionnaires from customers

• A Bachelor's degree in Computer Science, IT, Systems Engineering or a related discipline
• 3-5 years of work experience with incident detection, compliance, governance, and risk management
• Experience with GRC tools and formal audit preparation
• Experience with formal audit and risk assessment processes
• Experience Office 365 Security, Azure Public Cloud and Endpoint Security, Compliance requirements and audit procedures
• Experience with SIEM technologies and compliance regulations
• Strong attention to detail with an analytical mind and outstanding problem-solving skills
• Excellent written and oral communication skills
• Strong MS Office skills (Excel, Access, Project, etc.)
• Ability to work under pressure in a fast-paced environment
• Ability to work in a team environment
• Ability to work independently and communicate risks or potential problems to manager

InEight Inc. is an Equal Opportunity Employer (EOE) and will consider all applications without regard to race, marital status, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law.