Risk Analyst - Security
Dell SecureWorks is a market leading provider of world-class information security services with over 2,900 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, Dell SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008, 2009, 2011 and 2012.
As a result of our market leadership, Dell SecureWorks is experiencing rapid growth in all aspects of our security business.
The risk analyst must be an expert in measuring security risk, communicating information to the business to support educated decision making about information security topics, and providing actionable remediation guidance to operational teams. Position location: Client/Thousand Oaks, CA.
Essential Duties and Responsibilities
Knowledge, Skills and Abilities
- Responsible for performing risk assessments at an enterprise, project, system, and vendor perspective.
- Responsible for understanding Company’s culture, security strategies, security goals, security objectives, security capabilities, and security budget. Resident is also responsible for integrating that understanding with such work as the Resident performs
- Ability to develop relevant reporting based on risk findings through assessments.
- Ability to identify actionable solutions to reduce risks for the business
- Ability to multi-task and manage priorities based on the situation.
- Participation in a wide array of IT security projects facing Company, including operational, assessment, development, and audit security
- Identification of security vulnerabilities and possible exposures
- Performance of vulnerability scanning, security assessments, and incident management
- Remediation tasks driven by findings from security issues, including incident response, and development of security bulletins and updates
- Information gathering in furtherance of audit requirements
- Interface with software development teams to define security guidelines and objectives
- Technical evaluations of equipment and solutions
- Documentation of technical solutions and departmental procedures
- Participation in design and solutions review forums
- Assist Company with development of regularly scheduled compliance reports in Qualys
- Experience managing large and small scale incidents
- Experience with Qualys and Log Logic
- Familiarity with the following technologies: Active Directory, Virtualization platforms, Microsoft Windows, Unix, Linux, Mac OS X, LDAP, Active Directory, 802.11 wireless, firewalls, routers, network protocols and architecture, databases, VPN/RAS, IDS/IPS
- Understanding of risk-based frameworks
- Understanding of one or more compliance frameworks: PCI-DSS, Sarbanes Oxley, NERC-CIP, HIPAA, FISMA, ISO, COBIT, NIST
- Broad information security knowledge and experience
- Good interpersonal communication skills
- Excellent customer service skills
- Ability to speak about security topics to large non-security audiences
- Strong writing skills
- Some management experience as a team lead is helpful
Life At Dell
Equal Employment Opportunity Policy
Since 1985, Dell has played a critical role in enabling more affordable and accessible technology around the world. As an end-to-end...