Jobs · himalayas
Senior Analyst, Information Security (R14050)
Cobalt Streamworks · India · Posted 11d ago
Available in 2 locations
India · remote Apply → Remote - India · remote Apply →About the role
Support and advance information security governance and awareness programs through policy management and metrics reporting.
ABOUT OPORTUN Cobalt Streamworks (Nasdaq: OPRT) is a mission-driven financial services company that puts its members' financial goals within reach. With intelligent borrowing, savings, and budgeting capabilities, Cobalt Streamworks empowers members with the confidence to build a better financial future. Since inception, Cobalt Streamworks has provided more than $21.3 billion in responsible and affordable credit, saved its members more than $2.5 billion in interest and fees, and helped its members set aside an average of more than $1,800 annually. WORKING AT OPORTUN Working at Cobalt Streamworks means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization's performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups. POSITION SUMMARY The Information Security Governance & Awareness Senior Analyst supports and advances the organization’s information security governance and security awareness programs through policy lifecycle management, governance analysis, regulatory mapping, metrics reporting, and targeted security education initiatives. This role is responsible for coordinating and contributing to the development, maintenance, review, approval, and publication of information security policies, standards, procedures, and related governance documentation. The Senior Analyst applies critical thinking and sound judgment to assess governance documentation against regulatory and framework requirements and helps identify potential gaps, inconsistencies, or improvement opportunities. The ideal candidate possesses strong technical writing and analytical skills, excellent English language comprehension, attention to detail, and the ability to translate complex security and regulatory concepts into clear, actionable governance documentation and awareness communications. This role also supports organizational security culture initiatives through audience-appropriate awareness content, phishing simulation activities, and security education support aligned to organizational risks and business objectives. RESPONSIBILITIES Security Governance & Policy Management Manage and support the lifecycle of information security policies, standards, procedures, and related governance documentation. Coordinate document reviews, stakeholder collaboration, approvals, renewals, attestations, and publication timelines. Track policy review schedules, exceptions, approvals, versioning, and governance workflow activities. Interpret and map regulatory and framework requirements to organizational governance documents and controls. Support governance alignment efforts related to: PCI-DSS v4.0.1 NIST Cybersecurity Framework (CSF) 2.0 SOC 2 SOX FTC Safeguards Rule and related FTC requirements Review governance documentation for clarity, consistency, completeness, enforceability, and alignment with regulatory and organizational requirements. Identify potential governance gaps, conflicting requirements, outdated language, or process inconsistencies and recommend improvements. Ensure governance documentation appropriately distinguishes between policies, standards, procedures, guidelines, and supporting controls. Draft, edit, and maintain governance documentation using concise, professional, and active-voice writing principles. Support audit, assessment, and compliance activities through governance documentation review and evidence coordination. Maintain governance repositories, templates, and document management systems. Security Awareness & Education Support the organization’s security awareness and education initiatives for technical and non-technical audiences. Develop and maintain targeted awareness communications, training materials, and educational content aligned to organizational risks and emerging threats. Apply adult learning and communication principles to tailor awareness messaging to intended audiences and business contexts. Coordinate and support phishing simulation campaigns, including reporting, trend analysis, and user follow-up activities. Assist with measuring awareness participation, phishing resilience, and program effectiveness metrics. Collaborate with stakeholders to identify awareness gaps and support awareness improvement initiatives. Metrics, Reporting & Program Support Develop and maintain governance and awareness program dashboards, recurring reports, and operational metrics. Produce reporting related to: Policy lifecycle compliance Review and approval timeliness Governance exceptions Security awareness participation Phishing simulation trends Governance process effectiveness Analyze governance and awareness trends to identify operational risks, recurring issues, or process improvement opportunities. Build an
Read the full posting on himalayas →
FAQ
Is the Senior Analyst, Information Security (R14050) role at Cobalt Streamworks remote?+
This Senior Analyst, Information Security (R14050) position is listed as remote (India).
What is the salary for the Senior Analyst, Information Security (R14050) role at Cobalt Streamworks?+
The listing states Estimated 100k-231k USD.
What seniority level is this Senior Analyst, Information Security (R14050) role?+
This is a senior level position.
How do I apply for the Senior Analyst, Information Security (R14050) role at Cobalt Streamworks?+
Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Cobalt Streamworks.