Senior Security Analyst
This position is responsible for advancing the Information Systems program within the company by assisting the Chief Information Security Officer (CISO) to plan, develop, and monitor administrative, physical, and technical safeguards for the company’s Information Assets.
- Under Direction of CISO, establish and maintain company-wide information security policies, standards and procedures
- Manage the Information Security Program Office (ISPO) with oversight of all security initiatives for cost, time and quality
- Coach and mentor directors, managers and associates on specific technologies that allow secure business growth
- Evaluate, recommend, select, and manage the implementation of proven industry accepted solutions to enhance the company’s core security capabilities in the areas of infrastructure, access management, networking, databases, servers, etc.
- Lead and direct in cooperation with the Business Continuity Planning Department, the planning and implementation of the company’s IT Business Continuity and IT Disaster Recovery efforts to ensure that the required technical service facilities can be resumed within required, and agreed, business timescales
- Execute all stages of the problem determination and resolution process as it pertains to security incidents, breaches and problems.
- Lead and direct the activities necessary to design, develop and implement a company-wide Security Awareness program.
- Create information security risk assessment methodology and performs information risk assessments using the methodology. Lead internal information security risk assessments to ensure proper resolution to security, risk, or compliance issues
- Maintain expertise in the area of security, including trends, strategies, and products to ensure that the company’s information assets continue to be protected at the levels required by the business
Qualifications and Experience
- Bachelor’s Degree in IT or Information Security
- Knowledge of Information Security standards and frameworks
- 3-5 years of direct Information Security experience ideally in regards to Risk Assessment, Metrics & Reporting, Education and Awareness and Incident Response
- Excellent writing skills for drafting of policies, procedures and analytical summaries
- Strong Microsoft Office skills
- Excellent verbal communication skills, strong analytical, teamwork and organizational skills
- Results driven individual who can handle multiple complex assignments, set and adjust priorities, rapidly engage new assignments based on criticality, all in a fast paced and often stressful environment, and with a timely and professional manner
- Energetic and self motivated; enthusiastic and positive attitude.
- Ability to think strategically, multi-task, and work effectively and efficiently with minimum direction in a team environment
- Hold at least one professional certification, (e.g. CISA, CISSP) or willingness to obtain one.
Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!