The Information Security Analyst II is an integral part of the IT organization that reports directly to the Manager Information Security (IS) and is responsible for developing and promoting the Systems Security function within Sharp. This function will assist in the definition of potential systems security issues and identify viable alternatives. The Information Security Analyst II will be involved in scheduling, administering, identifying, and performing technical analysis and ongoing monitoring of IS requirements necessary for the protection of all information processed, stored, or transmitted by the various systems.
- Keep management as current as practical with information on perceived and existing threats to the organizations information security.
- Assist in the development of processes to confidentiality, integrity, and availability standards for systems and networks of the organization.
- Assist in development and delivery of system security awareness education programs for all levels of the organization, including but not limited to the new hire process and ongoing awareness program.
- Assist departments, affiliates, and associates with the development of security business goals, policies and standards to specify the functional requirements for systems security and access controls.
- Analyze manual and automated IS functions and provide input to management and department stakeholders.
- Perform technical evaluation and testing of hardware and software for any possible impact on the security of the systems; ensure modification if requirements are not met; approve them when in conformance; provide analysis and reports to management as needed.
- Exhibit leadership in the identification and analysis of IS business practice irregularities and infractions/violations; conduct detailed inquiries; assess potential damage; monitor corrective action; and recommend cost-effective preventative measures to preclude reoccurrences.
- Develop, maintain, and enhance IS functional system tests and evaluations, risk assessments, software and hardware evaluations, access controls, and other related systems.
- All additional IS related duties as required.
Education and Certification:
Working Knowledge of:
- Bachelor degree in relevant domain with 3 to 5 years work experience as an Information Security professional. Graduate Degree is desirable.
- Substantial progress towards certification: CISSP, CISM, CISA, CRISK, etc… Current Certification desirable.
- IS Analysis of processes and procedures in the areas of: security infrastructure design, risk assessment and management, WEB Application and Cloud security, policy/control design and enforcement, intrusion detection, business continuity planning, security operations management, and third party service provider management
- Principles and practices of IS theory and methods such as: ISO27K, COBIT, SSAE 16 SOC, SANS, FFEIC, RISK IT, NIST, PCI-DSS, ITIL, etc…
- Technical evaluation and testing of hardware and software related to systems security “hardening” and risk mitigation.
- Solution products that enable and enhance the security of systems such as IDS/IPS, Firewalls/WAF, SIEM, and GRC.
- Authentication technologies and processes such as: VPN, SSL, SSH, PKI, SFTP, VDI etc…
- Keep current with changing technologies and IS related risk/vulnerabilities. Stay abreast of organizational objectives and initiatives to apply analysis, identification, and resolution of IS related issues.
- Define organizational IS requirements, identify and analyze IS risks, develop and implement IS risk mitigations, and document and communicate auditable evidence.
- Work independently exercising good judgment, decisiveness, and creativity; exercise initiative within established procedural guidelines; and organize and prioritize work to meet established deadlines.
- Excellent communications and interpersonal skills with the ability to effectively interact with a diverse group of IT Staff located in multiple sites, including proven effectiveness working with global teams.
Sharp Electronics Corporation - 13 months ago
Sharp Electronics Corporation is the Mahwah, N.J.-based marketing and sales subsidiary of Japan's Sharp Corporation, a worldwide developer...