Job Description
Job Description:
The IT Security & Compliance Analyst supports and operationalizes the organization's global information security and compliance program in support of mission‑critical, safety‑sensitive, and highly regulated aviation operations. The role focuses on improving security operations, vulnerability management, audit readiness, identity governance, third‑party risk management, and overall security maturity across global IT environments. Working closely with Infrastructure & Operations, Applications, and business stakeholders, the Analyst helps reduce enterprise risk, strengthen regulatory compliance, and ensure security controls are effective, repeatable, and defensible. PRINCIPAL RESPONSIBILITIES
Security Operations & Incident Response Monitor, analyze, and investigate security events using SIEM, EDR, email, cloud, and endpoint security tools. Coordinate incident response activities including containment, eradication, recovery, and post‑incident reviews. Maintain and improve incident response playbooks and track response metrics and corrective actions. Vulnerability Management & Risk Reduction Coordinate vulnerability scanning and validation across infrastructure, endpoint, cloud, and application environments. Prioritize vulnerabilities based on severity, asset criticality, and exploitability. Track remediation SLAs, exceptions, and risk acceptances; report status and trends to stakeholders. Identity, Access & Security Controls Support on‑premises and cloud identity platforms and secure authentication controls. Assist with joiner/mover/leaver processes, access reviews, and privileged access governance. Support enforcement of MFA, conditional access, and least‑privilege principles. Compliance, Audit & Continuous Readiness Support internal and external audits including SOX ITGC, ISO 27001, NIST CSF, NIST
800-171, and contractual requirements. Maintain audit evidence, control documentation, and test artifacts. Support proactive control monitoring to reduce repeat audit findings. Assist with regulatory readiness including aviation‑specific security requirements (e.g., EASA Part‑IS). Third‑Party & Supplier Security Support supplier security due diligence including questionnaires and review of SOC and ISO artifacts. Track vendor remediation actions and reassessment schedules for higher‑risk suppliers. Partner with Procurement and Legal to support security obligations in vendor contracts. Resilience, Business Continuity & Awareness Support IT emergency response, disaster recovery, and business continuity planning and exercises. Assist with security awareness initiatives and targeted training programs. PERSON SPECIFICATION
(minimum education requirements, key skills and experience) Qualifications:
Bachelor's degree in Computer Science, Information Technology, or equivalent professional experience. Security or audit‑related certifications preferred (CISSP, CISM, CISA, Security+, SSCP). Experience:
3+ years of experience in cybersecurity operations, compliance, vulnerability management, or audit support. Practical experience supporting incident response, vulnerability remediation, and audit evidence production. Experience working with third‑party service providers and regulated environments is desirable. Skills:
Strong understanding of information security controls and operational risk management. Ability to translate security findings into clear remediation actions. Strong documentation, analytical, and stakeholder communication skills. Comfortable operating in regulated, mission‑critical operational environments. Bristow Group is an Equal Opportunity Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Bristow Group With its headquarters in Houston, Texas, Bristow Group is the leading provider of helicopter services to the worldwide offshore energy industry based on the number of aircraft operated, and one of two helicopter service providers to the offshore energy industry with global operations. With recent acquisitions of premium regional air carriers, Bristow provides point-to-point scheduled and charter transportation services, combining fixed-wing with rotary-wing services to clients around the world. Bristow has proudly served the offshore oil transport industry in major exploration and production arenas for 60 years and has been responsible for many industry-leading technological innovations. Equal Employment Opportunity Bristow Group provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, genetic information, or any other characteristic protected by federal, state, or local laws. Bristow Group is committed to ensuring equal employment opportunity, including providing reasonable accommodations to individuals with a disability. Applicants with a physical or mental disability who require a reasonable accommodation for any part of the application or hiring process may contact the Human Resources Department at 337-335-2304 or accommodations@bristowgroup.com.
