The Information Security Analyst supports the MRAm and Hub America’s Information Security Officer in the development of Information Security policies, procedures, consulting, and security incident handling. Performs security administration, security entitlement and maintenance reviews and security monitoring of infrastructure and applications.
- Performs risk assessments and security briefings to advise on security issues or exceptions that are requested by users and project teams.
- Provides input to the development and implementation of security policies and procedures for one or more of the following information technology areas; networking infrastructure, AS400, Unix HP, SecurID.
- Provides expertise and assistance in projects (IT and business driven) with regards to potential security issues. Ensures that security best practices, standards and policies are complied with.
- Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports, investigates possible security exceptions, and performs entitlement reviews for select systems.
- Reviews and provides feedback on new global security standards and development related to various systems including but not limited to Network Infrastructure and Server and Desktop Operating systems.
- Assists in the identification and evaluation of products and procedures to enhance productivity and effectiveness of the ISG. Educates IT and the business about security policies. Conduct security awareness activities.
- Communicates new security administration processes/procedures
- Investigates possible security exceptions, updates, and maintains and documents security controls.
- Provides backup support for other members in the Information Security Group when they are not available.
- 5+ years experience implementing and maintaining Windows workstation and Server security.
- Proficiency in utilizing operating system functionality/tools for security administration of Windows server/desktop operating systems
- 2+ years experience administering an enterprise Active Directory, HP Unix, Linux, RSA SecurID environments
- Strong analytical and problem-solving skills
- Strong team-oriented interpersonal skills
- Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
- Working technical knowledge of the current state of information system software, protocols and standards.
- Bachelors or Associate Degree, Technical Training or equivalent experience.
- Security or audit-related certifications (CISSP, SSCP, CISA, CISM, GIAC) is desired