Information Security Analyst

Job Description- Information Security Analyst

Our client is looking for an Information Security Analyst who will be responsible for partnering with the Director - Information Security in developing and implementing appropriate information security policies and procedures, working with IT staff to implement technologies, and meeting internal and external compliance needs. This individual will also conduct vendor, project , and technical/ad hoc security reviews. The ability to effectively communicate with all levels of the business regarding security issues while ensuring that the company's information assets are properly protected is essential.

Responsibilities:

• Coordinate the development, implementation, and administration of high-level security policies, practices, standards, and programs.
• Perform security reviews for vendors, projects, and technical/ad hoc process implementations.
• Participate in internal and external compliance initiatives including audit requests, security reviews and other tasks associated with improving the company's security posture.
• Assess and review current technology infrastructure to identify key risk areas and ensure adequate levels of controls are in place to address those risks.
• Review maintenance and IT infrastructure processes to ensure efficient and adequate security provisions.
• Develop techniques, procedures, and utilities for improving the security risk assessments methodology.
• Coordinate the development and execution of effective security training and awareness programs.
• Familiarity with implementation of Disaster Recovery and Business Continuity Plans.
• Coordinate the assessment of computer systems security risks and investigates and develops contingency plans by undertaking risk analysis, security investigations, surveys, and threat assessments.
• Participate in data collection, analysis, and management for client assessments and client requests.
• Maintain the information security policy exception process, IT risk management process and vulnerability management program.
• Participate as a member of team providing pertinent security information and input to strategic and tactical planning; initiatives and projects planning, including cyber security tabletop exercises.
• Other duties as assigned.

Requirements:

• Four-year degree in computer science or related field, or the equivalent work experience.
• A minimum of 8-12 years of experience in an information technology, audit and security roles a plus
• Strong writing and communication skills including writing IT policies, conducting internal department meetings and other meetings as required.
• Experience managing and leading Security projects, including defining requirements, developing project plans, and delivering results.
• Strong organizational skills to handle multiple priorities.
• CISSP, CISM, CEH and/or CISA certification is preferred.