Information Security Analyst Jobs

Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what it takes to lead UPS into tomorrow—people with a unique combination of skill + passion. If you have the qualities and drive to lead yourself or teams, there are roles ready to cultivate your skills and take you to the next level.

:

Remote Location Acceptable

The Information Security Risk Analyst participates in risk audits/assessments with customers and third party vendors. The Analyst will prepare and initiate customer assurance responses or third party audits/assessments facilitated by electronic survey's, questionnaire assessments, interviews and security control reviews.

They will:

• Prepare final assessment reports and assessment results review with stakeholders.
• Identify opportunities to continuously improve the program through innovation.
• Respond to assessment action items including providing supporting documentation to auditors, evaluating audit results for relevance/accuracy, and working with teams to remediate audit findings.
• Assist in the development of the information security requirements for vendor and customer contracts to ensure UPS's information assets are protected, and all terms follow UPS standards and compliance obligations.
• Participate in the creation and/or maintenance of information security policies, standards, guidelines, processes and procedures.
• Provide immediate security control remediation response in all cases where assessment controls are found to be deficient or non-compliant.
• Manage audit time line for questionnaire, interviews, evidence verification, and audit phases.
• Identify key points of contact and establish communication channel.
• Initiative audit/assessment overview meetings and develop schedules.
• Ensure all assessment controls meet company policies and standards for confidentiality, integrity, availability and defense in depth security principles.

Experience:

• Experience using GRC/IRM tools or similar technologies for audit support and security controls governance management.
• Candidate must have good organization skills and be a self-motivated learner.
• Experience with auditing controls, I.T. auditing fundamentals, vendor cybersecurity controls analysis and documentation.
• Experience gathering information from a range of different sources, developing and creating search queries.

Preferred Qualifications:

• Bachelor's degree in Information Technology, Information Security, Computer Science, Auditing or equivalent.
• One of Sec +, CISA, CRISC, CISM, or CISSP, or other Information Security certification preferred or in progress.
• Demonstrated advanced verbal and written communication skills.

Employee Type:

UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.

Other Criteria:

Employer will not sponsor visas for position. UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law.

Basic Qualifications:

Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer.