Job Description:
Position Overview
Reporting to the Information Security Director, the Senior Information Security Analyst is responsible for risk assessment based on application, data, and technology architectures and current information security threats; for solution design and information security policy development and maintenance; for awareness activities and monitoring compliance with company security policy and applicable law; for coordinating investigation and reporting of security incidents. The Senior Information Security Analyst will also monitor, assess, and apply corrective actions to the business continuity and disaster recovery program and contribute to information security projects to protect company information assets. This position combines project-based work and operational assignments. This will require practical use and understanding of security protocols and standards, solid knowledge of information security principles and practices, and keen awareness of the state of the threat environment, especially as it may pertain to The Andersons.
Key Responsibilities
- Work with business units and other risk functions to identify security requirements using methods that may include risk and business impact assessments.
- Manage completion of information security operations documentation including policy development.
- Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
- Play an advisory role in application development, infrastructure engineering, and/or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
- Assist with and manage enterprise-wide risk assessment processes
- Drive cross-functional remediation of previously identified security risks and close out pending action plan
- Proactively collaborate with service providers to understand operational findings and drive the appropriate company response.
- Architect, develop, deploy, and support information security systems and solutions such as strong authentication, key management, IPS, SIEM, anti-malware, and others
- Interact with internal and external customers on security-related projects and operational tasks
- Participate in 24x7 Information Security Response team
- Report to company management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
- Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
- Performs security due diligence assessments with vendors and contractors
- Researches, evaluates, and recommends information security related hardware and software, including developing business cases for security investments
- Manage services to analyze, monitor, track, and report behavior/tasks logged by assets in the form of incidents to ensure the company is protected from any potential leaks or malicious activities.
- Read and understand system data including, but not limited to, security and network event logs, syslogs, and firewall logs.
- Propose changes/improvements to the processes and procedures that will improve operational efficiency, provide better service, etc.
- Participate in the security awareness training program review and development.
- Perform risk and security assessments to identify control weaknesses and recommend remedial actions for any issues found. Manage and track completion of remedial actions.
- Manages relationship with the audit groups (both internal and external). Provides information as requested, receives audit findings, and manages the collection of responses and remediation plans with owners.
- Maintains an awareness of existing and proposed security standard setting groups, state and federal legislation, and regulations pertaining to information security. Identifies regulatory changes that will affect information security policy, standards, and procedures and recommends appropriate changes. Works with other groups and assists in the development of security architecture and security policies, principles, and standards.
- Develop and maintain an open and candid relationship with the management through regular contact to discuss all important matters and to make suggestions for improvement.
- Seek out and identify new opportunities for reducing cyber corporate risk
What is expected of you and others at this level
- In-depth knowledge and experience
- Uses existing solutions to resolve complex issues
- Works independently; receives minimal guidance
- Acts as a resource for colleagues with less experience
- Represents the level at which career may stabilize for many years or even until retirement
Minimum Qualifications & Skills
- Bachelor's Degree in Business Administration, Computer Science, or related field required; Master's Degree preferred
- 5-10 years relevant experience required
- Experience in IT regulation and compliance standards such as PCI/DSS, NIST CSF 2.0/NIST 800-53, CIS Critical Security Controls
- Practical use and implementation of solid knowledge of information security principles and practices for a public corporation; understanding of IT methodologies such as software development lifecycle and ITIL operations
- Exposure to IT security baseline and procedures development
- Experience in design and implementation of Microsoft Sentinel and Arc.
Certifications/Licenses:
- Tertiary qualifications in information or IT security or industry qualifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent are required.
Additional Skills:
Strong analytical and problem-solving skills.
Foster and support a collaborative, harmonious team environment that raises information security knowledge for everyone.
Critical thinking and strong judgment skills
Successful relationship management skills
Excellent presentation and communication skills.
Ability to successfully negotiate and resolve conflicts
This job description is intended to describe the general nature and level of work performed. It does not include all responsibilities and skills required of the job and may be changed at any time. All responsibilities must be completed in compliance with all safety protocols, policies, procedures and consistent with the spirit and philosophy of The Andersons Statement of Principles.
Note: The statements herein are intended to describe the general nature and level of work being performed but are not to be seen as a complete list of responsibilities, duties, and skills required of personnel so classified. Also, they do not establish a contract for employment and are subject to change at the discretion of the employer. The Andersons, Inc. is a Drug-Free Workplace. The Andersons, Inc. is an EO employer M/F/Veteran/Disability/Gender Identity/Sexual Orientation.
Note: The Andersons, Inc. conducts drug, alcohol, and/or medical testing of applicants and employees based on type of position. A copy of our testing policy is available by contacting the HR Department at .
We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.
PHISHING SCAM WARNING: The Andersons is aware of the continued increase of phishing scams leveraging various methods of attack via email, text, voice, and social media. Please note that The Andersons only uses company email addresses which contain @ to communicate with candidates via email. If you are contacted by someone about an open job at The Andersons, please verify the domain of the sender's email address and that they are asking you to apply on this website. If you believe you've been a victim of a phishing scam, please visit the Department of Homeland Security's Cyber Smart website to learn how to report it.
Required Experience:
Senior IC