As a Security Analyst, you will be responsible for coordination of IT security efforts to reduce risks, respond to incidents and limit exposer to liability and risk with regard to IT systems, networks and applications. This position utilizes strong policy and process knowledge as well as skills and expertise with a variety of technologies. It also involves interaction with numerous other departments and business functions.
- Defines, implements, and maintains information security policies, standards and procedures.
- Maintains overall security program and reports status to company officers.
- Supports audit efforts related to information security
- Recommends and implements new tool sets and practices with regards to information security
- Provides security consultation and architecture review on projects to business and IT groups.
KNOWLEDGE, SKILLS AND ABILITIES:
- Possession of an undergraduate degree in computer information technology, computer engineering, or related degree or equivalent experience.
- Minimum of 3+ years’ experience in Information Security.
- Familiarity with regulatory and legal requirements (e.g., SOX, PCI)
- Familiarity with common Web Application Security risks (e.g., Cross Site Scripting, SQL Injection, Authentication and Session Management)
- Professional certifications preferred (e.g., CISSP, CEH, CIA, CISM, etc.)
- Knowledge of security & risk frameworks, standards, and best practices (i.e. PCI, ISO, COBIT)
- Knowledge of and implementation experience with security technologies and architecture, including encryption, network security, firewall configuration, intrusion detection, data loss prevention and application security
- Experience in vulnerability management, including testing, scanning, and patching
- Experience conducting and mitigating security/risk assessments Strong analytical skills and attention to detail
- Excellent time management skills, and the ability to prioritize and multi-task
- Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines)
- Ability to work successfully in a cross-functional team environment.
- Hands-on Networking and Systems Administration experience with Windows, Linux, Unix