We are seeking an IT Security Analyst. This role reports to the Director of IT Security.

Responsibilities

  • Implementing and maintaining security controls and solutions based on corporate policies and standards
  • Testing, designing and implementing security controls and solutions driven by corporate policies and standards to reduce the risk to the company and its customers
  • Building strong relationships with internal teams and leadership
  • Developing and ensuring implementation of information security strategies aimed at preventing cyber intrusions and attacks, protecting sensitive corporate information, and responding to security incidents affecting corporate information assets
  • Maintaining and evolving the corporate security governance program and ensure adaptation for changing threats and technological advances
  • Assessing Information Security policies, procedures, and standards to improve overall effectiveness of internal IT controls
  • Maintaining and communicating IT-related policies and ensure appropriate training across the organization
  • Implementing and maintaining a Risk Management Program for the organization
  • Interacting and consulting with various groups such as the Executive Team, Information Technology Leadership Team and various other departments to determine and review security issues and threats to assess the risk to the organization
  • Interacting with IT Development to ensure software design, coding, database architecture, etc. includes security best practices and is commensurate with compliance objectives
  • Providing direction to improve Disaster Recovery and Business Continuity Plans and develop emergency response procedures for potentially disastrous scenarios
  • Providing facilitation of security Incident Response management
  • Facilitating the Security Incident Response process, including coordination with appropriate departments, creating Root Cause Analysis documents and ensuring remediation efforts
  • Working with Director of Information security to facilitate Information Security projects including establishing goals, assigning tasks, deadlines, cost, tracking issues, and project status
  • Coordinating the IT participation in Regulatory and Compliance audits and provide support for internal and external security audits
  • Managing contract renewals for security services
  • Providing investigation assistance to external law enforcement agencies as needed
  • Establishing computer and physical security standards, policies, and procedures
  • Interfacing effectively with the systems engineering team to implement security solutions and controls
  • Designing security configuration standards, procedures, and guidelines
  • Designing and implementing mechanisms for assessing compliance with corporate standards, procedures, and guidelines.
  • Identifying and executing on opportunities to automate security controls
  • Designing and building controls to address security risks and events as identified
  • Defining clear, concise, and executable standard operating procedures and documentation for any implemented solutions for formal operational handoff.
  • Recognizing, adopting, and instilling industry leading practices in security engineering throughout the organization
  • Performing security assessments on new platforms, products, services, architectures, and vendors
  • Taking part in helping develop the maturity of the company’s security organization
  • Create and maintain Information Security peer network contacts locally, nationally and globally

Desired Skills and Experience

  • Bachelor’s degree in information security or similar discipline
  • Demonstrated experience and expertise in one or more of the following areas: penetration testing, application security assessments and/or regulatory compliance assessments
  • One or more certifications in Information Security (CISSP, CISM, CISA, etc)
  • Five years of experience successfully executing information security programs
  • Ability to assess Information Security and/or Compliance Risks, understand business needs, and apply defined information security policies and architectures to develop effective deliverables
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Excellent interpersonal, organizational, analytical, problem solving, oral and written communication skills

If you are interested in submitting an application for this role, please email Becky Ospina at usjobs@onyxcentersource.com and include your CV and a one-page cover letter telling us why you are interested in the role!