The Information Security Analyst position is an essential member of the Enterprise Technology Risk Management teams at this financial firm. The position works closely with Information Technology team and other talented and driven technology professionals supporting complex enterprise infrastructure and to ensure confidential information is secure.
Essential Job Duties
- Maintains all documentation supporting the risk assessments.
- May participate as a technical risk advisor on IT projects to ensure that controls are properly addressed and implemented to mitigate vendor and/or technology risks.
- Stays informed about latest developments in the Risk Management and Information Security fields.
- Utilize configuration management to maintain system integrity consistent with their defined state
- Perform regular vulnerability assessments and partner with third party auditors for penetration testing
- Participate in a rotating on-call coverage and emergency response as needed
- Triaging, analyzing, escalating and reporting on security incidents
- Associates or Bachelor's degree in cybersecurity, computer science, information systems or closely related
- 3+ years relevant experience. Certification/License Additional Job Requirements:
- Minimum of 2 years of progressive IT support or infrastructure experience
- Knowledge of security control frameworks, controls, relevant laws, and regulations (NIST, GLBA, Sarbanes Oxley (SOX), PCI, Service Organization Controls reports (SOC).
- Technical knowledge of current systems software, Active Directory, operating systems, and PC protocols and standards.
- Ability to conduct research into technology risk or IT security issues and products as required, and document findings.