Information Security Analyst

Job Location(s) US-MA-Boston
Requisition #


Founded in 1951, Iron Mountain Incorporated (NYSE: IRM) is the global leader in storage and information management services. Iron Mountain is committed to storing, managing and transforming what our customers value most, from paper records to data to priceless works of art and culture. Providing a full suite of solutions – records and information management, data management, digital solutions, data centers and secure destruction – Iron Mountain enables organizations to lower storage costs, comply with regulations, recover from disaster, and protect their data and assets from a complex world. Visit the company website at for more information.
Iron Mountain enables 94% of the Fortune 1000 to smartly and securely manage their physical and digital information assets. With unmatched innovation and collaboration, our teams create information management solutions for our customers’ data, no matter what format, location or lifecycle stage it’s in and no matter where it’s kept. We are more than 17,000 people strong and growing. We’ve been a trusted records management leader since 1951.
Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.


Iron Mountain complies with the Accessibility for Ontarians with Disabilities Act and welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.


The person will work within the Information Security Governance team and be responsible for assisting in improving the overall security posture of the organization.  S/he will participate in conducting vulnerability and risk assessment to determine the security posture of various applications, business units or regions.  The individual will assist in developing and maintaining metrics for Information Security team to support the company’s continuous monitoring procedures.


Additional Responsibilities

  • Assist in conducting InfoSec assessments to determine adherence to global policies and develop remediation plans as needed.
  • Assist in conducting InfoSec risk assessments on various applications, systems, business units or regions
  • Participate in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environment
  • Assist in the development, collecting and maintenance of information security related metrics to support the company’s continuous monitoring program
  • Under supervision analyze findings, and document, recommend and report program gaps to security leadership.
  • Help with conducting vulnerability scanning and remediation process by analyzing reports, opening tickets and tracking progress
  • Help write scripts and SQL queries to pull data from various location, correlate and graph results 


  • Working knowledge of information security as it relates to enterprise IT systems, operating systems, software, communications and network protocols

  • Understanding of IT infrastructure to include network devices and protocols, servers based applications and workstations 

  • Obtaining a degree within a Bachelor of Computer Science, Business Information Systems or equivalent is preferred

  • Ability to script in python or Perl is a plus

  • Working knowledge of SQL query language is preferred

  • Strong working knowledge of Microsoft Excel skills that include writing formula, conditional formatting, charting, pivot tables 

  • Metrics creation and PowerPoint skills a must – analytics tool skills preferred

  • Strong organizational skills with the ability to multitask and to meet deadlines

  • 1-2 years of work experience in the information Security technologies and IT environments or equivalent education 

  • Travel: 0-5%


Compliance Obligations: 

It is the responsibility of every Iron Mountain employee:

  • to comply with all applicable laws, rules, regulations, and company policies
  • to exhibit ethical behavior in accordance with our Code of Ethics and Business Conduct 
  • to complete required training within the allotted time frame