Senior Information Security Analyst
- Requisition #: 202940542
- Job Category: Information Systems
- Operation: Information Security
- Job Group: FT Supervisor
- Job Grade: 20G
- Job Code: 4386
- Relocation Assist Available: No
- Location: MAHWAH, NJ 07430 - RAMAPO RIDGE I.S. CENTER
Are you looking to launch your Information Technology career? If so, then UPS is the place for you!
Once known as a trucking company. UPS is now recognized as a technology company with trucks and is poised for success. Spending more than $1 billion a year on information technology, UPS provides its customers unparalleled capability in tracking and distribution intelligence. This technological infrastructure also enables UPS to provide fully integrated Web-enabled, business-to-business solutions.
UPS Information Services, a leader in information technology, is currently seeking career-minded individuals to join our team. If you are highly motivated with a degree in Computer Science or related discipline, then UPS is a great place for you to start your career .
The Senior Information Security Analyst identifies, investigates, analyzes, and remediates information security events to ensure enterprise integrity against technical and physical risks. He/She conducts quality management reviews to evaluate the effectiveness of security controls. This position reports on the controls effectiveness for mitigating exposure to identified risks. He/She communicates security issues and control gaps through security governance processes. This position communicates, implements, and integrates risk management procedures across the enterprise. He/She participates in the development and maintenance of business continuity planning, data, systems, and network security for systems and controls related to their job duties.
Supports Internal Clients
- Obtains information from colleagues and internal clients to resolve security and service operations problems.
- Engages with colleagues and internal clients to investigate and identify security and service problems.
- Interfaces with internal clients to ensure compliance with implemented security software, hardware, policies, and procedures.
- Advises users on the administration of security tools to control and monitor information security.
Performs Security Risk Management Functions:
Conducts I.S. Information Security Projects Activities:
- Designs, develops, and executes information security awareness campaigns to ensure compliance (e.g., with data protection and privacy laws, regulations, contracts, etc.) and the protection of information assets.
- Gathers information for, and develops customer information security assurance questionnaires to assess risk and determine current and future security requirements.
- Contributes to the development of the information security requirements of vendor and customer contracts to ensure UPS's information assets are protected, and all terms follow UPS standards and compliance obligations.
- Implements information security-related statute requirements to ensure domestic and international compliance.
- Enforces information security concepts to enable implementation and to ensure compliance and alignment with Information Services (I.S.) strategy.
- Communicates and advises on security policies, procedures, practices, and training on the holding, use, and disclosure of UPS’s business data to ensure compliance, continuity, and protection of information assets.
- Communicates and promotes corporate information security policies, standards, and guidelines to ensure effective enterprise security control requirements.
- Investigates security issues and escalates as appropriate to increase customer information assurance, stakeholder confidence, and risk aversion.
- Identifies industry best practices, standards, methods, tools, and applications to optimize UPS’s business risk management.
- Conducts advanced information security analyses to identify and initiate action items.
- Develops task lists and cost, time, and resources estimates to support project development.
- Participates in the development of project plans to ensure that projects are completed on time and according to specifications.
- Performs assigned functions and tasks to meet project and quality review requirements.
- Analyses, records, and monitors assignment deviations to ensure effective resolutions.
- Investigates issues and escalates as appropriate to support effective resolutions.
- Reviews multiple assignments to ensure I.S. governance, standards, and policies compliance.
- Participates in team meetings and discussions to communicate findings and ensure knowledge is shared among the respective team members.
- Assists in the development of project scope, schedule, initiation, start-up/design, business case development and deployment recommendations to establish accountability.
- Balances multiple project activities and schedules to meet I.S. and UPS goals.
- Experience in IT contract negotiation, information security term and schedules
- Participate in and execute information security functions specific, but not limited to, information security awareness campaign creation and execution, assisting in gathering information for and crafting customer's information security assurance questionnaires and participating in the review of information security requirements in vendor and customer contracts to ensure that UPS's information assets are protected and in line with UPS standards and compliance obligations.
- Strong background in information security related risk assessment and management concepts
- Broad understanding of information security related statute requirements, as they relate to UPS’ business to include country and multi-national.
- Expertise in the areas of Privacy, Data Transfer and regulated commodity statutes
- Demonstrable, multi-year experience in information security concepts, implementation and enforcement - Understanding of audit principles and processes
- Demonstrable experience in and knowledge in information technology tools, technologies, architectures and development, operational and lifecycle management methods.
- Broad knowledge of UPS business functions and processes information systems and infrastructure
- Certifications in CISSP, CISA, CISM, CSSLP preferred
The desired Information Security Analyst will possess a degree in Computer Science, Information Systems, Mathematics, Statistics or related field or the equivalent in education and work experience.
Employer will not sponsor visas for position.
- U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer.
As a global leader in package delivery and supply chain solutions, UPS is passionate about innovating new ways to make business work better,...