Lyra Technology Group · 8 hours ago
Information Security Advisor - ImageQuest
Lyra Technology Group is a family of industry leading technology service businesses, and they are seeking a full-time Information Security Advisor to join their team at ImageQuest. The role involves safeguarding client data and infrastructure, developing tailored Information Security Programs, and ensuring compliance with industry regulations.
Business Development, Industrial, Information Technology
Responsibilities
Support the designated Chief Information Security Officer or Information Security Officer with special projects
Help develop and maintain the client’s Information Security Program
Create, update, and maintain written Information Security Policies and Procedures tailored to meet the unique needs of each client and industry standards
Collaborate with clients to ensure all policy and procedural documentation is current, accurate, and aligned with organizational goals
Work with the Director of Advisory Services to identify opportunities for enhancing security documentation processes and improvements to ensure effectiveness and compliance with evolving security threats
Assist clients in completing third-party information requests, such as security questionnaires, ensuring accurate and thorough responses with the assistance of relevant teams
Provide clients with guidance on matters related to cyber insurance, tapping into internal resources and knowledge bases to deliver informed recommendations
Contribute insights into Advisory Services by participating in sales meetings and joining periodic business review calls with Relationship Managers, showcasing value to current and prospective clients
Based on client engagement, coordinate or support responses to actual security incidents by leveraging the Cyber Incident Response Plan (CIRP) and collaborating with incident response teams
Assist in the preparation and execution of the annual SOC 2 audit, providing necessary documentation and support
Lead and oversee annual risk assessments in compliance with regulatory requirements, identifying gaps and recommending corrective actions
Develop a risk register to track gaps and corrective actions
Develop and maintain a comprehensive calendar for risk assessments to ensure timely evaluations
Participate in the development and implementation of risk mitigation strategies pertaining to information security
Prepare a detailed Executive Summary, outlining the client’s current security posture and areas for improvement
Develop and uphold comprehensive written policies and procedures for Vendor Management, with focus on new vendors and ongoing monitoring
Support the Lead Information Security Advisor by coordinating vendor due diligence, ensuring consistent application of due diligence strategies across non-banking and banking client assignments
Conduct non-banking client vendor reviews, ensuring all documentation is current and compliant with company standards, and create a summary for presentation to the client
Create, review, and manage comprehensive written policies and procedures for Cyber Incident Response Plans (CIRP), ensuring readiness and compliance
Lead and coordinate incident response tabletop exercises
Create Executive Summaries that highlight key takeaways and lessons learned from tabletop exercises
Create, review, and update Business Continuity and Disaster Recovery Plans to ensure they remain current and effective, adapting to changes in client operations and external threat landscapes
Help organize and facilitate regular testing, including simulations and scenario-based exercises, to validate their effectiveness and readiness
Support and Implementation of Security Awareness Training Programs
Work closely with the Lead Advisor to support clients' ongoing Security Awareness Training Programs, ensuring alignment with strategic objectives
Extract, analyze, and synthesize data from client’s KnowBe4 consoles to create detailed and actionable reports, providing insights for client discussions
Implement and monitor client consoles by setting up and fine-tuning campaigns, smart groups, and ongoing phishing tests
Actively oversee clients' consoles to detect and resolve issues, collaborating with KnowBe4, Breach Secure Now, and other relevant stakeholders to address these concerns on the clients' behalf
Take the initiative to notify clients about users who are past due on their training to improve completion rates with personalized follow-ups and reminders
Engage with clients to gather feedback on training experiences and report this feedback to the Lead Advisor for potential integration into program strategy
Assist in customizing training content and testing cadences for clients, under the guidance of the Lead Advisor, to ensure that training solutions are specifically aligned with client needs
Actively review established training programs, identifying gaps in learning, and making recommendations for enhancements to the Lead Advisor
Develop expertise and stay current with software platform developments by participating in regular meetings and training
Participate in client-facing meetings as required to present overviews of data analysis
Qualifications
Required
Bachelor's degree desired. Advanced degree a plus
4+ years information security, IT audit, compliance, and/or risk management experience desired
Demonstrates a consultative approach to providing risk-based security and process
Ability and desire to interact with clients
Experience planning and executing policies and standards development
Knowledge of business theory, business processes, and business office operations
Excellent organizational skills with strong attention-to-detail
Strong analytical and problem-solving skills with a proven ability to exercise initiative, judgment, and discretion
Ability to function well in a high-paced environment
Proficiency with standard business software
Preferred
Knowledge of or experience in a regulated industry (e.g., healthcare, insurance, banking, etc.)
Understanding of support tools, techniques, and how technology is used to provide IT services
Exposure to data processing, hardware platforms, enterprise software applications, and outsourced systems, including financial systems
Knowledge of security concepts related to IT infrastructure
Recommended certifications may include: CISSP, CISA, CISM, Security+
Company
Lyra Technology Group
Lyra Technology Group is a family of technology service businesses operated by exceptional management teams. It is a sub-organization of Evergreen Services Group.
Funding
Current Stage
Late Stage