Job description
The Information Security Analyst will be a key member of a growing Information Security team responsible for the day-to-day operations of the security infrastructure. Will work closely with third-party partners who support the enterprise and will be responsible for managing the vulnerability remediation process as well as preventing intrusions. This role works closely with application development, Dev/Ops team and IT Compliance to ensure new and existing technical solutions are implemented in a manner that preserve the confidentiality, integrity and availability of customer data.
ESSENTIAL FUNCTIONS AND ACCOUNTABILITIES
· As an internal security resource, assists information security leadership with the continual development and refinement of information security policies and associated processes to enforce, monitor, maintain and evaluate the information security systems.
· Provides critical support to information security programs through the communication of information security policies, programs and processes. Delivers periodic technical training sessions and presentations to all staff on topics concerning information security.
· Provides key technical support to technology projects to ensure projects comply with information security requirements
· Assist IT Compliance team in the evaluation of control testing when appropriate.
· Maintains a level of technical proficiency within the information security field by participating in vendor driven webinar and training sessions, attending other technical and security trainings, seminars.
· Develop and manage a vulnerability management program.
Work Experience/Skills - Required
·Knowledge of auditing concepts and principles.
·Familiar with Sarbanes-Oxley, PCI, and HIPAA
·Ability to perform control reviews on systems development, operation, programming, control, and security procedures and standards.
·Experience working with Active Directory
·Ability to communicate with and understand the requirements of professional staff in their respective specialty.
·Strong interpersonal and communications skills
·Self-starter with little management supervision
·Ability to prioritize and organize daily tasks to ensure timely completion
Work Experience/Skills - Preferred
·Working knowledge of IT general computer controls, logical access controls, data center physical security controls, computer operations controls, and/or disaster recovery planning
·Understanding of Sarbanes-Oxley section 404
·Knowledge of computer systems development and programming.
·Experience with Oracle user administration
·Knowledge of general accounting principles.