Senior Information Technology Security Analyst

Acer is seeking a Senior IT Security Analyst! The Senior IT Security Analyst is responsible for assessing information risk and facilitating remediation of identified vulnerabilities for IT security and IT risk across the enterprise.

· Assesses information risk and facilitates remediation of identified vulnerabilities with the company network, systems, and applications.

· Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.

· Performs assessments of the IT security/risk posture within the IT network, systems, and software applications, in addition to assessments within the Vendor Management Program.

· Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.

· Facilitates and monitors the performance of risk remediation tasks, changes related to risk mitigation & reports on findings.

· Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.

· Provides weekly project status reports, including outstanding issues. The IT Security Analyst assists in all IT audits, IT risk assessments, and regulatory compliance.

Security analysts are ultimately responsible for ensuring that the company's digital assets are protected from unauthorized access. This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur. If a breach does occur, security analysts are often on the front line, leading efforts to counter the attack.

Duties and Responsibilities

IT Security Analyst’s common duties typically include:

· Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.

· Address questions from internal and external audits and examinations.

· Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements.

· Facilitate IT security/risk training curriculum.

· Serve as project manager/lead within IT security projects.

· Coordinate periodic cybersecurity tests including Pen testing, phishing drills, etc.

· Promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the company.

This position requires regular, predictable, and timely attendance at work to meet department workload demands.

Skills and Qualifications

Senior IT Security Analysts are detail-oriented individuals with strong technical expertise and multitasking skills. They thrive in an agile, fast-paced environment, and they keep abreast of innovations, regulation changes, and other industry developments.

· Bachelor’s Degree, Information Systems, Computer Science, Information Security or related field required.

· 7-10 years IT security or information security experience with a proven ability to engage with Senior Management and regulators.

· 4+ years’ experience conducting IT compliance assessments (PCI, etc.)

· 4+ years’ experience in administering IT security controls in an organization.

· Knowledge of technical infrastructure, networks, databases, and systems in relation to IT Security and IT Risk.

· Experience with IPS/IDS and SIEM technologies.

· Certified Information Systems Security Professional (CISSP), or related certification a plus.

· Project management skills preferred.

· Windows workstation and server administration experience preferred.

· Prior experience performing security reviews and risk assessments preferred.

Tools of the Trade

An IT Security Analyst should be familiar and comfortable with:

· Well-known SIEM tools such as Splunk, ArcSight, ManageEngine, Rapid7, etc.

· Knowledge of Windows enterprise systems

· Knowledge of Linux enterprise systems

· Knowledge of Azure AD

Knowledge of Cisco, F5, and Palo Alto networking products.