Sullivan & Cromwell LLP

Senior Information Security Analyst

Senior Information Security Analyst ensuring compliance with information security standards at S&C Electric. Responsible for managing the Information Security Management System processes and performing security assessments.

Posted 5/13/2026 • full-time • Chicago • Illinois • 🇺🇸 United States • Senior • 💰 $116,534 - $154,413 per year

Tech Stack

Tools & technologies
Cyber Security

About the role

Key responsibilities & impact
  • Support the continuous improvement and monitoring of the Information Security Management System (ISMS) across the organization, including third-party suppliers.
  • Ensure that security measures are fully integrated, operational, and compliant with applicable regulations and standards.
  • Support and execute the planning, preparation, and execution of compliance audits.
  • Ensure implementation of ISMS documentation and technology platform, such that all assigned security policies, procedures, and processes are accurately maintained, automated, and streamlined, reducing manual intervention and improving efficiency.
  • Integrate experience and insights into actionable ideas or solutions to manage information risk and advise cross-functional teams, third-party vendors, and other stakeholders.
  • Maintain and validate an accurate and up-to-date information asset inventory process, ensuring the completeness and accuracy of assets.
  • Perform regular asset-based and scenario-based risk assessments to identify vulnerabilities and risks associated with assets and inclusion in the risk register.
  • Identify, assess, and track treatment plans for information security and privacy-related risks and nonconformities for their severity, potential impacts, and their probability of recurrence.
  • Coordinate and communicate updates to process, policies, and procedures based on the treatment of risks and nonconformities.
  • Assist in completion and maturation of supply chain risk management activities and administer associated technology platforms to ensure conformance with the standard and compliance with legal, regulatory, and contractual requirements. Activities include, but are not limited to, tracking third-party security scores and working with third-parties and internal functions to improve their security scores, performing contract reviews, and completing customer questionnaires while managing improvement to security processes reflected in responses.
  • Support the development and monitoring of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the ISMS.
  • Collect, analyze, and summarize relevant data to be reported to leadership, helping drive strategic security initiatives and ensuring ongoing compliance with regulatory and customer requirements.
  • Stay up to date on emerging regulations, customer requirements, and best practices, ensuring that the ISMS evolves as necessary. Ensure stakeholders are informed on how to address changing compliance environments, including privacy regulations (e.g., GDPR, CCPA, and other relevant U.S. state laws).
  • Mentor and coach lower-level information security analysts. Review their work for quality, consistency, and alignment with ISMS standards.
  • Maintain regular and punctual attendance.
  • Attend in-person or virtual meetings as requested or required.
  • Communicate effectively and respectfully with others.
  • Other responsibilities as assigned.
  • Understand and comply with all applicable Company policies and rules.

Requirements

What you’ll need
  • Bachelor’s degree in Business Information Systems, Computer Science, Computer Engineering, Business, or equivalent experience
  • 5+ years of direct experience in information security governance, compliance, and risk management, with prior experience in other IT or cyber security roles.
  • Working knowledge of information security-related frameworks and standards, including ISO/IEC 27001:2022 Information Security Management and additional frameworks including NIST 800-53, NIST 800-171, IEC 62443, NERC CIP, and CMMC.
  • Experience with Governance, Risk, and Compliance (GRC) tools.
  • Strong customer service orientation with the ability to take initiative in pursuit of improved service.
  • Excellent communication skills (written, verbal, listening, and presentation); able to liaise effectively with internal and external stakeholders to support decision making and achieve desired results and influence others towards conformance with the ISMS.
  • Ability to independently collaborate with team members, subject matter experts, cross-functional teams, and stakeholders.
  • Strong analytical skills, especially related to security governance, strategic planning, problem resolution, and change management. Ability to use technical acumen and analytical skills to analyze data and drive informed decisions, problem-solve issues, and leverage data and learnings to drive continuous improvement.
  • Excellent organizational skills with ability to prioritize tasks and meet targets.
  • Embraces change and has the ability to coach junior team members through change and ambiguity.
  • Proficient with Microsoft business applications (Teams, SharePoint, Office applications, etc.). Experience developing process workflow diagrams using Visio or an equivalent tool.
  • Ability to travel as required.

Benefits

Comp & perks
  • Health and Welfare Benefits: Medical & Prescription, Dental, Vision, Health Care and Dependent Care Flexible Spending Accounts, Health Savings Account (HSA), Group Life Insurance, optional Supplemental Life and AD&D Insurance, Wellbeing Resources including Employee Assistance Program and Family Forming Benefits (i.e., Adoption and Fertility support)
  • Leave Benefits: Vacation Time, Sick Time, Paid Holidays and Company Shutdown days, Short-Term Disability, Long-Term Disability, Other Leaves, Paid Parental Time and Military Leave
  • Retirement Benefits: 401(k) Retirement Savings and Employee Stock Ownership Plan (KSOP) offering traditional and Roth 401(k) options and an Employee Stock Ownership Plan (ESOP) component; KSOP participants can receive annual ESOP company contributions of over 11% of eligible earnings (3% Core, up to 3.5% Match, Variable Periodic).

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information security governance, compliance, risk management, ISO/IEC 27001:2022, NIST 800-53, NIST 800-171, IEC 62443, NERC CIP, CMMC, data analysis
Soft Skills
customer service orientation, communication skills, collaboration, analytical skills, organizational skills, change management, coaching, problem resolution, initiative, prioritization