Description
Information Security Governance
Charged with executing the Information Security Strategy implementation.
Responsible for maintaining cybersecurity controls to protect the organization’s data.
Expected to propose and implement new cybersecurity controls.
Accountable for preparing Information Security metrics reports and creating dashboards.
Liable for managing and maintaining the information security policy framework.
Contributes to monitoring and documenting Information Security Policy Exceptions.
Risk Management
Responsible for performing risk assessments and addressing risks to reduce their impact.
Expected to document and maintain risk registries.
Liable for performing vendor risk assessments.
Charged with addressing and mitigating cybersecurity risks.
Accountable for preventing cybersecurity risks.
Answerable for staying up to date on new cybersecurity trends and cybersecurity standards or best practices.
Information Security Incidents
Responsible for investigating cybersecurity breaches and cybersecurity incidents.
Liable for documenting security incidents and determining their impact.
Compliance
Responsible for overseeing and facilitating security audits, whether performed by the organization or a 3rd party.
Accountable for monitoring legal and compliance requirements for IT, Information Security and Privacy.
Awareness
Responsible for executing the Information Security Awareness Program.
Charged with training employees about information security topics.
Liable for performing Information Security Awareness Tests.
Accountable for monitoring and reporting Information Security Awareness Metrics.
Accountable for traveling to deliver on-site information security awareness trainings.
Security Operations
Responsible for monitoring security operations and mitigating high risks.
Accountable for assessing current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
Liable for installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs.
Expected to perform Penetration Tests and Vulnerability Assessments.
Contributes to executing and maintaining Business Continuity and Disaster Recovery plans.
Other
Other duties as assigned.
Knowledge, Skills and Abilities
Breadth and depth of cyber security knowledge.
Grasps features, functions, and value associated with technology products.
Experience in problem solving, coding, scripting, management and development of applications, and security workflow design.
Deep experience with a variety of industry leading security products.
Experience developing and administering cyber security.
Operates in complex environments and takes responsibility.
Effectively manages projects.
Identifies and resolves problems in a timely manner. Gathers and analyzes information skillfully. Develops alternative solutions. Works well in group problem solving situations.
Analytical - Synthesizes complex and/or diverse information. Collects and researches data. Uses intuition and experience to complement data. Designs workflows and procedures.
Strong written and verbal communication, including ability to teach both formally and informally - Advanced
Problem Solving.
Demonstrates and encourages adaptability.
Education Level: Bachelor’s degree
Field/s of Education:
Computer Science
Information Technology
Cybersecurity
Years of Experience:
Minimum 7-10 years in areas related to the position
Licenses: If driving is a necessary part of the job, employees are required to possess a valid driver’s license.
Languages:
English & Spanish 85 - 95%
Necessary Software:
Office 365 – Intermediate
MS Azure – Basic
Cisco Technologies – Intermediate
Palo Alto Technologies – Intermediate
OWASP Top 10 – Basic
Wireshark – Intermediate
Nmap – Intermediate
Linux – Intermediate
JavaScript – Basic
Windows Server – Intermediate
Pay Scale: $139,000 - $150,000