Information Security Analyst

• Serve as a point of contact for client information security compliance requests, review contracts, and attend client meetings to address security concerns.
• Manage third-party risk assessments, evaluate vendor security controls, and review exception requests.
• Conduct business impact assessments, facilitate business continuity and disaster recovery exercises, and support ISO 27001 compliance and audits.
• Assist in developing and maintaining the information security compliance program, governance frameworks, risk management, and security awareness training.

This role helps protect sensitive environmental and sustainability data, ensuring ERM can continue to support organizations in addressing critical ESG challenges while maintaining the highest security standards.

• Bachelor's degree in Computer Science, Information Security, or related field.
• 3-4 years of experience in information security, compliance, or related field.
• Strong verbal and written English communication skills, including presentation and technical report writing.
• Hands-on experience with GRC tooling (e.g., risk management, third-party security).

Contractual role for 6 months. ERM is a people-first organization that values well-being, career development, and a diverse, inclusive community. Specific compensation details not mentioned.

ERM is a leading global sustainability consulting firm that helps organizations navigate complex environmental, social, and governance (ESG) challenges, driving sustainable impact for clients and the planet.