Sign in

Information Security Analyst Information Security, IT Audit, Risk

Company:
CareWorks Technologies
Location:
Columbus, Ohio, United States
Posted:
December 05, 2018

Description:

For more than 18 years, CareWorks Tech has been delivering technology solutions that drive results. As your advocate, the common thread across our associates is crafting the right tech-savvy solutions. Whether it’s IT Consulting, Infrastructure Services, Security, Enterprise Service Management or Interactive, we’re all about finding solutions that advance your career aspirations. Our ongoing client relationships speak to our long-term collaborative partnerships.

Job Description: The Senior Information Security Analyst is responsible for the day-to-day security operations within Retail Services for security related applications, databases, and other system environments within Information Security. You will be expected to champion processes and technology as a subject matter expert in various areas and to demonstrate this ability at a senior level. The position reports to the Manager, Information Security and works closely with teams in other Information Security disciplines, Infrastructure, and Operations areas to help provide superior protection to Retail Services information assets.

Responsibilities

Analyze and evaluate requirements in the implementation of key IT projects and initiatives as they pertain to the organization’s long-term security strategy.

Understand the various tools and technologies commonly associated with Information Security.

Serve as the subject matter expert in various technical information security disciplines and mentoring junior staff. Demonstrate self-learning in gaining knowledge of new technical developments and ensure they are shared appropriately and applied as applicable within the department.

Lead various projects in the InfoSec space, as assigned by leadership.

Identify areas of improvement where processes do not currently exist and drive the development and delivery of new processes to address these gaps.

Lead the creation of and the maintenance of relevant documentation.

Assist with development and delivery of Key Performance Indicators (KPIs) through the understanding of the tools and deliverables and by helping to develop, maintain and mature the associated reporting structure.

Applies knowledge from previous roles and jobs to current responsibilities.

Comprehensive understanding of the InfoSec team’s strategy and vision and actively works as a change agent to support these initiatives both within the InfoSec team and the broader organization.

Ability to identify when to partner with leadership to resolve issues, risks and/or obstacles.

Identifies and understands drivers for change and will act as an individual champion or partner with leadership to deliver those changes.

Builds consensus for delivering results while finding common ground for collaboration and partnership.

Effectively partners with peers within the department to include them in key projects, risks or issues.

Performs consistently at or above the expectations of leadership in delivering good quality work and delivers work accurately and on time.

Perform other duties as assigned by leadership.

Requirements

Bachelor Degree in Computer Science, Audit, Networking or other computer related field or study- Preferred not required

5-8 years of working experience in an information security, IT audit, risk management or other related fields.

Security certifications preferred, or able to complete certification within 12 months of hire (CISA, CISSP or other industry recognized certification as agreed upon by InfoSec Leadership)

Working knowledge of and experience with information security techniques and underlying infrastructure.

Additional Skills and Experience

Experience leading and/or coordinating projects; Broad range of skills with different technical platforms (servers, networks, storage, security, Internet and cloud based technologies, etc.)

Special consideration for experience with Mainframe and Cloud environments.

Working knowledge of ISO 27001/27002 and NIST security standards

Working knowledge of various regulatory compliance requirements including PCI DSS and SOX.

Ability to maintain the highest level of confidentiality and professionalism.

Possess analytical, problem-solving, project management skills, and a working knowledge of core banking platforms and FFIEC/FDIC requirements.

Ability to work in a team fostered, fast-paced, multi-tasking environment.

Excellent interpersonal, written, and oral communication skills as well as issue resolution and negotiation skills.

Assist in developing and approving policies and standards for data loss prevention. Report common and repeat problems (trend analysis) to management; propose process and technical improvements.

Comfortable interacting consistently with affected customers and business areas to work to resolve issues regarding business processes that do not align with DLP best practices.

Relevant Skills and Experience Specific to the Role

Monitor and respond to DLP events

Interact with customers and supporting teams to manage events until closure

Ensure that Service Level Agreements (SLAs) are met

Assist in troubleshooting issues that may arise from an incomplete scan, scan related performance issues, agent related performance issues, alert generation, email and network traffic related performance issues

Develop and enhance DLP policy to identify and appropriately protect data while in use, in motion, and at rest

Assist in maintaining all DLP related documentation

Continuously propose configuration and tuning opportunities of DLP systems, policies and response rules

Develop workflows for incident and alert generation for policy violations

Assist in providing best practice solutions for data protection

Identify gaps in procedures, and willingness to communicate them to the team, as well as the business, and suggest improvements

The CareWorks Family of Companies is committed to providing career opportunity and growth to all Associates without regard to race, color, religion, sex, national origin, age, marital or veteran status, medical condition or disability.

CareWorks Tech Strategically-Led Technology Solutions

5555 Glendon, CT

Dublin, OH 43016

614-789-3767

david.horvay@careworkstech.com

Thank you for considering CareWorks Tech for your next career opportunity. CareWorks Tech is not your typical technology company. We are part of the CareWork’s family of companies which is one of Ohio’s largest managed care organizations, serving over 115,000 employers and owned by York Risk Services Group. We have 4 guiding principles: (1) Customer Commitment (2) Attitude of Service (3) Respect for the Individual and Team and (4) Exceeding Expectations. We invest in your training, professional development, benefits (medical, 401k, paid holidays/vacation, etc.) and personally focus on your career success. We have operations in 85 locations worldwide and employ 5,000+ people.