Jobright is an AI-powered career platform that helps job seekers discover the top opportunities in the US. We are NOT a staffing agency. Jobright does not hire directly for these positions. We connect you with verified openings from employers you can trust.
Job Summary:
Click Therapeutics, Inc. is a leader in developing software as prescription medical treatments, focusing on digital therapeutics for various health conditions. The Cybersecurity Project Analyst will play a crucial role in the information security program, helping to design, implement, and monitor security measures to protect the company.
Responsibilities:
• Maintain awareness of emerging cybersecurity threats, regulatory requirements, and industry best practices across Information Security, Application Development, GRC to help drive organizational change.
• Identify and assess vulnerabilities in critical assets, customer network, and systems; coordinate and manage remediation activities to closure.
• Maintain and mature the Third-Party Risk Management lifecycle, including onboarding, due diligence, re-assessments, and risk mitigation.
• Monitor and track risk, risk exceptions and compensating controls; ensure risk acceptance processes are documented and approved in accordance with governance policies.
• Develop, implement, and maintain risk and compliance programs aligned with NIST, ISO 27001, SOC 2, and CyberEssentials frameworks.
• Create, update, and maintain standard operating procedures (SOPs) and information security policies (ISPs) to ensure alignment with organizational posture and compliance requirements.
• Lead internal and external audits and support compliance efforts, including SOC 2, ISO-27001, and other regulatory frameworks.
• Assist with incident response activities, including triaging alerts, and investigating security events to system and network security alerts.
• Lead monthly phishing simulation campaigns and analyze results to strengthen the organization’s security awareness.
• Manage and enhance the Security Awareness Training program, ensuring engagement and ongoing relevance to emerging threats and best practices.
• Participate in the change management process, ensuring that security requirements and impact assessments are properly addressed.
• Collaborate with the Cloud and Application engineering teams to provide security-focused guidance during the design and implementation phases.
• Work as part of a cross-functional team of engineers and analysts, contributing in a respectful, inclusive, and collaborative environment.
• Manage projects under minimal supervision and create progress reports.
Qualifications:
Required:
• 1+ years of hands-on experience in cybersecurity, information security, or a related field.
• Strong eagerness to learn, take initiative, and engage with new and evolving tasks.
• Effective verbal, written, and interpersonal communication skills.
• Foundational knowledge and understanding of IT risk assessments of potential and current information security risk.
• BS degree in Computer Science, Cyber Security or related field or equivalent work experience.
Preferred:
• Experience working with cloud-based environments and microservices architecture, including configuration, operation, and maintenance (e.g., AWS).
• Familiarity with compliance and risk management requirements in regulated industries such as healthcare, or related industries.
• Working knowledge of common security frameworks (e.g., NIST, SOC 2, ISO27001)
• Familiarity with developing within an agile scrum planning methodology
• Relevant certifications such as CC, SEC+, CISA, CISM.
Company:
Click Therapeutics, Inc., develops, validates, and commercializes software as prescription medical treatments for people with unmet medical needs. Founded in 2012, headquartered in New York, New York, USA, team size 51-200 employees, currently Growth Stage.
