Iron Mountain Senior Information Security Compliance Analyst in Boston, Massachusetts

Overview

Founded in 1951, Iron Mountain Incorporated (NYSE: IRM) is the global leader in storage and information management services. Iron Mountain is committed to storing, managing and transforming what our customers value most, from paper records to data to priceless works of art and culture. Providing a full suite of solutions – records and information management, data management, digital solutions, data centers and secure destruction – Iron Mountain enables organizations to lower storage costs, comply with regulations, recover from disaster, and protect their data and assets from a complex world. Visit the company website at www.ironmountain.com for more information.

Iron Mountain enables 94% of the Fortune 1000 to smartly and securely manage their physical and digital information assets. With unmatched innovation and collaboration, our teams create information management solutions for our customers’ data, no matter what format, location or lifecycle stage it’s in and no matter where it’s kept. We are more than 17,000 people strong and growing. We’ve been a trusted records management leader since 1951.

Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.

Responsibilities

The information Sr. Security Compliance Analyst will work to ensure Iron Mountain maintains its compliance to external customer and regulatory requirements to ensure the Confidentiality, Integrity and Availability of IronMountain’s network, digital information, user accounts or other sensitive information. The Information SecurityCompliance analyst will assist in the performance of Information Security Risk Assessments of Iron Mountain’sbusiness lines and operational regions.

Responsibilities:

  • Participating in the evaluation of Information Security Policies, Standards, Procedures, and Guidelines for

  • multiple platforms and diverse systems environments as they pertain to regulatory and customer compliance requirements.

  • Performing risk assessments and simulating audit test plan to ensure compliance with Information Security Policies, Standards, Procedures, and Guidelines. When risks and threats are identified, communicating to relevant parties/ departments for remediation plans and mitigating controls.

  • Using relevant information and individual judgment to determine whether events or processes comply with laws, regulations, or standards.

  • Conferring with business stakeholders to discuss issues pertaining to their compliance needs.

  • Providing sufficient information and audit artifacts to external auditors/ assessors to meet audit requirements.

  • As an Information Security Compliance Analyst, you will work with Customer Assurance team to handle external and internal customers' inquiries pertaining to Information Security compliance program in order to let them feel confident that our environment is secured and doing business with us.

  • This is a global role, working across functional groups in Europe, Latin America, Asia Pacific and North America

Qualifications

  • Good communication, written and verbal skills as there will be frequent interactions with Iron Mountain

  • Stakeholders and external auditors/ customers

  • Ability to manage demands of internal and external customers through phone, email and process requests

  • Strong organizational skills to manage fast paced and demanding requests in a defined service level

  • Ability to team with other groups to influence the collection of information required to obtain compliance

  • Familiarity with Information Security Compliance frameworks (such as, ISO 27001/2, PCI, SOC 2/3, OSPAR, HIPAA)

  • The job requires the ability to make judgments based on practice and past precedence.

  • The job requires the ability to evaluate complex situations and novel situations using multiple sources ofinformation.

  • The job requires complex judgments, in depth analysis, interpretative thinking and the ability to independently develop innovative solutions.

  • Bachelor’s Degree with a minimum of four (4) years of experience

  • At least one of the following: CISSP – Certified Information Systems Security Professional, CISM -- Certified

  • Information Systems Security Manager or CISA -- Certified Information Systems Security Auditor

  • Ability to travel up to 10-25%

A strong candidate will possess a background in Information Security and Technology; you’ll thrive in this role if

you:

  • Enjoy staying on top of the latest security practices

  • Have a passion for protecting customer data from threats

  • Feel excited about the potential of securing applications and information -

  • Work well with both technical and non-technical business partners

  • Compliance Obligations:

It is the responsibility of every Iron Mountain employee:

  • to comply with all applicable laws, rules, regulations, and company policies

  • to exhibit ethical behavior in accordance with our Code of Ethics and Business Conduct

  • to complete required training within the allotted time frame

Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.

Requisition # 2018-18715

Category Security

Type Full-Time