Principal Information Security Analyst

Division: Information Technology

Employment Status: Exempt

Salary Grade: 108

Shift

Requisition ID: 76764

Please be aware that if you are selected to formally interview for an internal position you will be required to notify your current manager. Please refer to the Employee Transfers Guidelines posted on Skylink.

Description

The Principal Information Security Analyst will be a key member of Skyworks’ Information Security team. This person will work closely with cross functional teams to ensure appropriate physical, administrative and technical controls are operating effectively to ensure the confidentiality, integrity and available of Skyworks’ information resources. This role will be instrumental in supporting the strategy and execution of the Information Security program in partnership with senior management. In addition to technical acumen, the role requires an individual who is results-oriented, pragmatic, and consistently demonstrates effective problem-solving and communication skills. The Principal Information Security Analyst may act as the subject matter expert for colleagues in all aspects of information security. The successful candidate will be responsible for driving our cyber resilience initiatives, performing risk assessments, and assisting with compliance initiatives.

Responsibilities

Cyber Resilience

• Support the development and maintenance of the organization’s cyber‑resilience strategy, aligning with industry frameworks and regulatory requirements.
• Identify and maintain list of critical processes and supporting applications.
• Support the testing and validation of backup, restoration, and failover procedures to ensure rapid recovery during disruptions.
• Conduct resilience‑focused risk assessments to identify vulnerabilities, single points of failure, and potential operational impacts.
• Participate in the design and execution of incident response exercises, tabletop simulations, and recovery drills.
• Maintain and refine incident response playbooks, ensuring they reflect evolving threats and organizational changes.
• Prepare reports and metrics that communicate resilience posture, readiness levels, and improvement opportunities to leadership.
• Maintain clear documentation of resilience processes, system dependencies, and recovery procedures.
  
  

Governance, Risk and Compliance

• Contribute to the continuous improvement of the Information Security risk management program, compliance initiatives, and overall security risk posture.
• Develop, maintain, and enforce Skyworks Information Security Policies, Standards, Guidelines, and other Information Security related documents.
• Assist with risk assessments to identify potential threats and vulnerabilities across the organization, analyzing their impact and likelihood of occurrence, and developing appropriate mitigations strategies.
• Collaborate with cross functional teams to collect evidence for customer audits and policy frameworks such as ISO27001, CMMC, TISAX, GDPR, CCPA
• Maintain the security risk register and track the progress of remediation efforts.
• Updated our monthly metrics and dashboards that measure and showcase the maturity progression of Skyworks Information Security program.
• Provide cybersecurity expertise/consulting to teams and management
• Performs other security related duties and assignments, as needed, to support the program.
  
  

Third-Party Risk Management

• Maintain an up-to-date inventory of third-party vendors and their associated risk profiles
• Assess and monitor new and existing third-party vendors to ensure they meet security and compliance requirements.
• Issue corrective/improvement action requests and track vendor’s progress through closure.
• Utilize security ratings services to continuously evaluate the security posture of third-party vendors.
  
  

Security Awareness & Training

• Assist with the information security awareness programs which include security awareness training, phishing campaigns, security newsletters/publications and metrics dashboard
• Promote a culture of security awareness throughout the organization.
  
  

Required Experience And Skills

• Minimum Education Level: Bachelor’ s Degree, Information Systems Management, Computer Science, Cybersecurity, or related field.
• 5+ years of full-time work experience in IT audit, security risk management, information security, security compliance, privacy, or other GRC areas.
• Experience in security assessments, developing and implementing security controls, and driving security compliance programs.
• Working knowledge of industry standards (ISO 27001, NIST, SANS) and Privacy (GDPR, CCPA, PIPL) requirements.
• Good communication skills, strong work ethic, attention to detail, and ability to collaborate in a team setting.
• Strong critical thinking, analytical, and problem-solving skills are a MUST
• Proficient with the Microsoft office suite.
  
  

To be successful in this position, the candidate will be expected to 1) treat people with respect; 2) meet their commitments; 3) earn the trust and respect of their colleagues; 4) work ethically and with integrity; and 5) accept responsibility for their own actions.

Desired Experience And Skills

Referral Bonus Program Reward (if eligible): Rs150,000.00

---