Sr IT Security Analyst

Job title: Sr IT Security Analyst

Job description: Responsibilities:

• Focused on providing information security consultation to business and IT clients
• Working with project teams to identify required security controls, and ensuring controls have been implemented prior to transitioning technology platforms to production
• Conducting information security threat risk assessments and third-party security assessments
• Conducts threat analysis, including researching evolving threats and providing recommendations
• Develops and conducts vulnerability assessments, and documenting findings in reports
• Strong desire to work collaboratively in an unconventional and non/linear way to problem solve unique solutions
• Be customer focused and delivery oriented to drive change in ambiguous situations
• Work proactively with internal clients to understand their needs and deliver creative solutions
• Strive for continuous learning and can influence others

Requirements:

• Bachelor’s degree from an accredited college or university or equivalent experience
• Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above
• Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CISM, CASP+))
• Strong working knowledge of threat risk assessment methodologies NIST, ISO, IRAM2, etc.
• Strong technical background with exposure to multiple aspects of information technology, networks, server, application dev, architecture, storage, cloud etc.
• Excellent communicator including demonstrated presentation and negotiation skills
• Experience with security solutions for multi-tier cloud-based applications (Microsoft Azure, GCP, AWS, etc.)
• Experience with DevSecOps and/or Agile would be an asset
• Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization
• Strong knowledge of IT control frameworks such as COBIT, ISO 27001, and the NIST cyber security framework
• Working knowledge of IT Audit processes, including design of control test procedures
• Demonstrated ability to foster relationships and build trust
• Ability to work independently and deliver on commitments
• Strong analytical and problem-solving skills
• Experience in risk assessment methodologies

Click Here to Apply

Source: