Information Security Governance Analyst

Information Security Governance Analyst

Website Federal Home Loan Bank of Boston

The Federal Home Loan Bank of Boston is a leading provider of wholesale funding for housing and community finance in New England serving more than 420 financial institutions across the region. The Federal Home Loan Bank of Boston is committed to making New England a better place to live and do business, and our employees are integral to our success. As a cooperative, we are owned by more than 420 banks, credit unions, insurance companies, and community development financial institutions that access tens of billions of dollars of our reliable, wholesale funding each year. Our funds are a vital resource that helps our members succeed, provide families with safe, decent affordable housing, and generate economic development that creates jobs in communities throughout our region.

Our highly skilled team of 200 is diverse, innovative, collaborative, and passionate about the work we do. We seek other professionals excited to share their knowledge, talent, and passion for our mission to join our team. We offer opportunities for career development, robust benefits, and a work-life balance.

Position Summary

The Information Security Governance Analyst plays an important role in supporting the development, administration, and oversight of the Bank’s Information Security program.

Reporting to the Information Security Governance Manager, this role supports the Information Security program in the following areas: Identity and Access Management, Physical Security, Security Awareness, Information Security Policies/Standards, Vendor Management, Compliance and Privacy Programs.  This is a hands-on operational role and will work closely with Information Technology Risk, Enterprise Risk, and Internal Audit.

To set a new colleague up for success, our expectation is that 3 or 4 days a week will be office-based work. Once fully onboarded, this role will have a hybrid work schedule in our Boston office in accordance with the Bank’s Hybrid Work Program.

Specific Responsibilities

·         Support the update and socialization of the Bank’s Information Security policies and standards.  Help ensure IS procedure documents are kept up to date and aligned with the Bank’s Information Security policies and standards.

·         Support the Bank’s Vendor Management Program and the assessment of information security due diligence reviews and Application Security Risk assessments.  May include but is not limited to completing risk analysis, evaluating submitted information, and preparing summary reports.

·         Support the Identity and Access management program, including all user lifecycle activities (i.e., joiner/mover/leaver) as well as facilitating quarterly access review process.

·         Manage the facilitation of physical badges to the Bank’s primary and disaster recovery office spaces.

·         Provide formal Security Awareness and Privacy training to all employees.

·         Participate in key Information Security projects and initiatives.

·         Assist in conducting business continuity exercises designed to assess the effectiveness of the Information Security department’s business continuity plans.

·         Serve as the Information Security department’s records management coordinator.

·         Perform other duties of the Information Security department as assigned by the Information Security Governance Manager.

·         Other duties, as assigned.



·         A degree in cybersecurity, business, technology, computer science or related field or relevant work experience. 

·         Ability to work independently with little supervision.  Customer service oriented with excellent interpersonal skills.

·         Strong experience in Microsoft Office Suite (Word, PowerPoint, Excel) and other related software applications.

·         Ability to learn quickly and comprehend technical and business concepts.

·         Deadline-driven and organized.

·         Knowledge of Information Security applicable US laws and regulations.  i.e., SOX, GLBA, MASS Privacy Law.

·         Extensive knowledge of Information Security principles and operational best practices.

·         Familiarity with COBIT and NIST security frameworks.

·         Strong analytical skills and a high degree of attention to detail must be demonstrated.

·         Highly effective written and oral communication skills are required for success.

·         Ability to exercise independent judgment to manage varied complex projects from inception through completion.



·         A minimum of 2 – 3 years of experience in Information or Cyber Security, Information Technology Auditing and/or Risk Management, Banking or Financial Services.

·         Experience managing a badge security system strongly desired.

·         Experience with Information Security policy development and implementation.

·         Identity and Access Management program experience (provisioning, role-based access, access reviews).

·         Risk assessment and remediation experience.

·         Familiar with Windows and UNIX system administration.

 The Federal Home Loan Bank of Boston is committed to building and sustaining a diverse workforce that reflects the communities that we serve. As an Equal Opportunity Employer, we strongly encourage applicants from every ethnicity, color, religion, gender, age, national origin, disability, veteran or parental status and sexual orientation.

Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

To apply for this job please visit