Information Security Senior Analyst, Engineering and Operations
Asurion - Nashville, TN

This job posting is no longer available on Asurion. Find similar jobs: Information Security Senior Analyst jobs - Asurion jobs

Information Security Senior Analyst

Security Engineering and Operations

Job Description

Position Title : Information Security Senior Analyst, Engineering & Ops

The Information Security Senior Analyst within Security Engineering and Operations assists with a variety of information security tasks in support of the Chief Security Officer for the firm, globally. The Senior Analyst has demonstrated in past roles the ability to work effectively with limited supervision on security related tasks and projects to drive results and build positive relationships with coworkers and customers (both internal and external). This individual will have an active role as a contributor and leader in managing access to sensitive information and systems; data leakage protection activities; firewall and network device rule reviews and compliance assessments; administration of encryption key and certificate management tools; management of privileged accounts and passwords; network device ACL reviews; construction and revision of device hardening standards; device hardening assessments; implementation of security services, software and systems globally; project review work for security adherence and concerns. Working with the Information Technology team and the rest of the security group, the incumbent will monitor, assess and update the environment to safeguard resources and information assets across the firm, both domestically and internationally.

      Responsibilities:
      ·


      Perform device reviews to ensure compliance with hardening standards, access controls and security related configuration settings.
      ·
      Management of elevated user and service accounts
      ·
      Monitor and advise on information security issues related to the systems and workflow at Asurion to ensure the internal security controls for the company are appropriate and operating as intended.
      ·
      Coordinate, execute and lead IT security projects.
      ·
      Coordinate response to information security events.
      ·
      Participate in the development and publication of Information Security procedures, standards and guidelines for device hardening, device compliance and access control lists.
      ·
      Assist with executing remediation plans for any gaps reported in audits or recommended process improvements that effect data leakage, network device compliance, certificate/key management, systems access and elevated account management.
      ·
      Collaborate with Security and IT management, the Legal department, Fraud department, Human Resources and law enforcement agencies to manage security vulnerabilities or inquiries.
      ·
      Regularly exercises influencing skills to assist individual leaders and teams to make security minded decisions.
      ·
      Review project related material for internal and external projects that are software, hardware and/or network related to assist in ensuring that secure solutions are being designed, developed and implemented that meet security standards and requirements.
      ·
      Conduct security research to keep abreast of latest security issues.
      ·
      Prepares security documentation including department procedures, standards, company notifications and alerts in support of other Information Security teams within the Risk department.
      ·
      Perform other related duties as assigned.
      Qualifications
      Requirements :
      ·
      BA or BS in Computer Science, Management Information Systems, or related field desirable, practical experience plus education and certifications may be considered.
      ·
      Six to nine years of progressive experience in computing and information security, including experience with Internet technology, security technology, issue resolution and leading teams in a cross functional, global setting.
      ·
      Experience should include security standards development, security education, network penetration testing, application vulnerability assessments, risk analysis, account management, management of gap remediation, compliance testing and leadership of teams.
      ·
      CISSP, GSEC, GIAC, CEH or other security related certifications desired.
      ·
      Windows or Cisco certification for server administration or network administration desired.
      ·
      Knowledge of information security standards and controls (e.g., ISO 17799/27001/27002, COBIT, COSO, PCI, etc.), rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.
      ·
      Familiarity needed with several key security technologies: Cisco security products, TippingPoint, Check Point, DLP packages (Symantec Vontu), certificate and key management tools, ticketing systems, Active Directory management tools (Quest), anti-virus endpoint management, network anti-malware (FireEye, Palo Alto), firewall monitoring and OS compliance checkers.
      ·
      Strong analytical and problem solving skills are necessary.
      ·
      A practiced ability to influence peers, customers and project teams to make security minded decisions and changes.
      ·
      The ability to operate under ambiguous circumstances, address uncomfortable issues and leverage data to make informed decisions.
      ·
      Excellent communication (oral, written, presentation), interpersonal and consultative skills are required.
      This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.

      Asurion - 17 months ago - save job - block
      Recommended Jobs
      Command Center Analyst II
      Asurion - Nashville, TN
      Asurion - 20 days ago

      Security Analyst
      Vaco - Nashville, TN
      Vaco - 16 days ago

      Database Administrator
      Chamberlin Edmonds - Nashville, TN
      Chamberlin Edmonds - 30+ days ago
      About this company
      250 reviews
      For two decades, Asurion has led the technology protection industry around the globe. The Company provides premier support solutions to...