Info Security Analyst - Senior

Location: Southlake, TX

Salary: $55.00 USD Hourly - $58.00 USD Hourly

Description: Our client is currently seeking a Info Security Analyst - Senior

Job Title: Info Security Analyst

Location: Southlake, TX/ Lone Tree, CO/ Phoenix, AZ

Duration: 6+ Months (Contract to Hire)

About the Role:

The Business Information Security Officer (BISO) is a subject matter professional (SMP) within the Technology Risk & Cybersecurity Compliance (TRACC) team under the client Cybersecurity Services (SCS) organization.

The Digital Assets BISO acts as the primary cybersecurity risk liaison and advisor for the client business units engaged in cryptocurrency and digital asset-related products, services, and vendor partnerships.

This role ensures that all digital asset initiatives adhere to the client cybersecurity policies and procedures, while enabling innovation in a secure and compliant manner.

The Digital Assets BISO will oversee vendor cybersecurity controls, conduct comprehensive risk assessments, guide business and technology teams on policy and standards, and support compliance and audit activities.

The role requires strong domain knowledge of crypto ecosystems, custody/security models, and third-party risk management, along with effective communication skills to bridge cybersecurity, engineering, and business functions.

Key Responsibilities:

1. Cybersecurity Governance & Business Alignment

Serve as the embedded security partner for Digital Assets business teams, aligning security requirements with product and operational objectives.

Translate enterprise cybersecurity policies and procedures into practical, actionable expectations for digital asset initiatives.

Participate in project planning, architecture reviews, and roadmap discussions to ensure secure design and regulatory alignment.

Support risk exception, risk acceptance, and mitigation processes.

2. Digital Asset & Cryptocurrency Risk Assessments

Lead end-to-end cybersecurity risk assessments for digital asset products, crypto custody models, wallet operations, blockchain integrations, and supporting vendors.

Evaluate risks related to private key management, wallet operations, smart contract risks, node infrastructure, and transaction processes.

Document risks, recommend compensating controls, and track remediation to closure.

3. Vendor Cybersecurity Oversight

Own the security risk lifecycle for digital asset vendors-from due diligence and contract negotiation to ongoing monitoring.

Review vendor cybersecurity evidence (SOC 2, pen tests, questionnaires, cloud posture).

Ensure contractual controls for data protection, breach notification, crypto asset handling, and regulatory adherence.

Track and drive remediation of vendor findings.

4. Education, Policy, and Standards Enablement

Educate business, engineering, and operations teams on client cybersecurity policies and secure practices.

Develop crypto-specific security training and guidance.

Promote a culture of security awareness.

5. Compliance, Audit, and Regulatory Support

Prepare and coordinate internal/external audit activities.

Ensure controls operate effectively and evidence is complete.

Support alignment with SEC, FINRA, OCC, FFIEC, and other regulatory expectations.

6. Cyber Incident Preparedness & Response

Collaborate with Cyber Operations and IR teams for crypto-specific incident preparedness.

Contribute to playbooks for key compromise, vendor breaches, on-chain exploits, and blockchain outages.

7. Risk Reporting & Executive Communication

Produce business-focused reporting on residual risk, vendor posture, assessment outcomes, KRIs, and audit findings.

Present risks and recommendations to leadership.

Qualifications:

Bachelor's degree in Information Security, Computer Science, Engineering, or related field.

7+ years in cybersecurity or technology risk.

Experience with digital assets, blockchain, or crypto custody/security.

Familiarity with cybersecurity frameworks: NIST CSF, NIST 800-53,, SOC 2, FFIEC.

Strong communication and risk articulation skills.

Preferred Qualifications

Cybersecurity-related certifications such as CISSP, CISM, CRISC, CCSP, CISA or similar.

Crypto-focused credentials or blockchain training.

Knowledge of key management systems, smart contract risks, and cloud security.

Experience with GRC (Governance Risk & Compliance) platforms.

By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.

Contact:

This job and many more are available through The Judge Group. Please apply with us today!