Security Information Analyst Jobs

2 Years Knowledge of computer networking concepts and protocols, and network security methodologies.

Knowledge of cybersecurity and privacy principles.

Knowledge of systems administration concepts.

Knowledge of critical infrastructure systems with information communication technology that were designed

Knowledge of Personally Identifiable Information (PII) data security standards.

Knowledge of Payment Card Industry (PCI) data security standards.

Good organization, time management, and prioritization capabilities.

Must be ready to develop a working knowledge through self-education and documentation of MDA operating systems, software, and programming.

Cybersecurity and Infrastructure - outsourced Help Desk and Managed Services; cybersecurity (this would be the area of accountability of the candidate)

Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the computer systems and remediate them before any potential cyber-attack.

Make recommendations to managers and senior executives about security advancements to protect the Company's systems.

Monitor security certificates and company compliance with requirements

Develop business metrics to measure effectiveness of the security management program and increase the maturity of the program over time

Advanced knowledge of hardware, software, telecommunications, operating systems, and applications

Advanced knowledge of HIPAA security and privacy standards

Advanced knowledge of industry standard security frameworks

Excellent communication skills, including writing reports and preparing documents for internal/external publication and presenting to groups of individuals

Experience leading and implementing projects and working collaboratively with other departments

Strong leadership and team management abilities.

Work closely with senior management to inform and align the cybersecurity strategy with organizational goals.

Evaluate, recommend, and oversee the implementation and management of security technologies and vendor partnerships.

Provide regular reports and updates to senior management and board members on the state of information security in the organization.

Full-time remote opportunity, equipment provided

Identify and manage security risks and incidents; develop mitigation and escalation strategies.

Experience creating queries to prepare reports/data for tasks such as account recertification, data validation and audit requirements.

Learn the security domain to grow into new responsibilities

Bachelor’s degree plus 2 years of working experience in the IT industry or project-based environments (can include internships)

Experience compiling data from various sources into executive-level summary presentations

Demonstrates great analytical and problem-solving skills to detect and resolve security issues

Demonstrates good communication skills, including verbal and written

Some experience working on IT security controls and have knowledge of Information Security compliance and processes.

Has basic knowledge of Information Security standards and frameworks.

2-3 years of Microsoft Office skills on Word, Excel and PowerPoint.

Related IT securities licenses, industry and/or professional certifications is an advantage

Review and analyze compliance data and information for IT Systems security controls.

Assist on compliance tool implementation.

Familiarity with DoD Risk Management Framework (RMF)

Professional growth opportunities including paid education and certifications

Experience with DoD IT networks or systems

Assisting the customer and/or contractor teammates with building or maintaining security documentation, policy, or procedures

Applying STIGs, patches, and software updates

Active DoD Secret Level Security Clearance

1-2 years of project management experience preferred.

Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

Demonstrated knowledge of information security principles and best practices.

Demonstrated knowledge of social engineering techniques and other information security threats required.

Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.

Experience with Contributing to risk assessments and mitigation strategies for identified threats.

1-2 years of project management experience preferred.

Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

Demonstrated knowledge of information security principles and best practices.

Demonstrated knowledge of social engineering techniques and other information security threats required.

Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.

Experience with Contributing to risk assessments and mitigation strategies for identified threats.

1-2 years of project management experience preferred.

Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

Demonstrated knowledge of information security principles and best practices.

Demonstrated knowledge of social engineering techniques and other information security threats required.

Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.

Experience with Contributing to risk assessments and mitigation strategies for identified threats.

1-2 years of project management experience preferred.

Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

Demonstrated knowledge of information security principles and best practices.

Demonstrated knowledge of social engineering techniques and other information security threats required.

Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.

Experience with Contributing to risk assessments and mitigation strategies for identified threats.

Knowledge of the fundamentals of project management, and experience with creating and managing project plans.

Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.

Assists in the coordination and completion of information security operations documentation.

Works with Dolby's IT department and members of the information security team to identify, select and implement technical controls.

Assists security administrators and IT staff in the resolution of reported security incidents.

Monitors daily or weekly reports and security logs for unusual events.

Section 3: Experience, Skills, Knowledge Requirements

Knowledge or experience working with Governance Risk & Compliance (GRC) systems such as LogicManager, eGRC, RSA Archer etc.

Coordinate and process policy updates from BISOs and present to risk management policy review committee.

Participate in industry-related organizations such as ISACA, FS-ISAC, IANS, etc. to gain knowledge and experience.

Collaborate with business relationship managers in all divisions to answer client-initiated audit requests.

Process requests for new and existing vendors, handling the information security tasks associated with the vendor review and certification process.

Excellent organizational and time management skills

Network with Elanco employees and demonstrate leadership capabilities

Education: Currently enrolled in undergrad studies in Information Security, Computer Science, Informatics, or related majors

Strong communication and interpersonal skills, including excellent phone, speaking, and presentation skills

What You Need to Succeed (minimum qualifications):

What will give you a competitive edge (preferred qualifications):

Proficient knowledge of security principles, practices, and technologies, including network security, host security, threat intelligence, and vulnerability management.

Searches for and identifies potential security threats and vulnerabilities within the organization's information systems, networks, and applications.

Stays informed of the latest threat landscape, emerging vulnerabilities, and attack techniques to continually improve threat search processes.

Possess analytical and problem-solving skills, with the ability to identify patterns and trends in security event data.

Knowledge of scripting and programming languages commonly used in cybersecurity, such as Python, PowerShell, or Bash.

Knowledge of current and emerging security threats, attack vectors, and techniques used by threat actors.

Point of contact for organization GRC project efforts, including requirement gathering, project management, and other project related activities.

IT Risk Management / Audit industry certification (such as CISSP, CISA, CRISC, etc.)

Possess excellent time management and organizational skills.

Conduct risk assessments on Syniverse owned products and provide management with detailed risk analysis.

Maintain overall risk register and present findings to appropriate business units and executive management on a regular basis.

Review customer and 3rd party contracts to ensure appropriate security requirements are included to protect the organization

Assess the continued effectiveness of management and technical cybersecurity capabilities through execution of continuous monitoring activities.

Implement a data security risk reporting framework for management teams and governance committees.

Manage multiple or more complex IT Security Governance projects that may span company-wide initiatives within scope, timeline, and budget.

Identify and evaluate information security risks, current risk mitigation/remediation capabilities and related opportunities for improvement.

Assist with the information security awareness and education program.

Working knowledge of information security methodologies, policies, standards and procedures.

Strong communication and writing skills with the ability to manage multiple stakeholders contributing content and feedback

Professional growth opportunities including paid education and certifications

Demonstrated experience applying 800-53 controls to cybersecurity and IT compliance programs

BS and three years’ experience

Full-flex work week to own your priorities at work and at home

Supporting full document lifecycle from drafting, developing content, collaborating with Agency SMEs, refresh / update of documents, as needed

Experience with common Security systems, technologies and/or strategies such as IPS/IDS, VPN, SIEM, network scanners, Firewalls, DLP and Privileged Account Management

Knowledge of / experience with common security frameworks and / or standards including PCI DSS, ISO27001/2, NIST and OWASP

At least 1 Certification in Information Security (CISSP, CISM, CRISC, CISA, CEH or equivalent)

A Certification in any of the following: A+, Network+, MCITP, MCSE, CCNE or Equivalent

At least 5 years of related experience (should include experience in operating systems, network, and/or application security.)

Knowledge of network and web-related protocols (e.g., TCP/IP, FTP, HTTP, Telnet, DNS etc.)

Escalate identified issues as well as recommend remediation to management and present to business.

Support other audit, risk managements, and maturity assessments performed by internal audit team or external vendors.

Lead staff interviews, document analysis, requirements workshops, surveys, site visits, business process descriptions, business analysis and workflow analysis.

Perform in-depth analysis, document, and report assessment findings and outcomes to technical staff, senior line of business managers, and Executive levels.

Collaborate with stakeholders and internal business partners to evaluate the design and effectiveness of cybersecurity controls within the line of business.