|Date Posted||March 19, 2019|
ITAC Solutions is helping a large client in the financial sector of Birmingham search for an Information Security/Cybersecurity Analyst!!
This person will be responsible for protecting the confidentiality and integrity of customer, employee, and business information in compliance with organization policies and standards. Responsibility includes: monitoring, incident response, forensics and investigations, threat intelligence, scanning, penetration testing, technology evaluation, security reviews, security tools/systems administration, reporting and standards/procedures development.
The ideal candidate would need to have relevant experience level with an in-depth track record of success in an Information Security/Cybersecurity field including experience in architecting, designing and/or administering secure IT solutions.
This is a direct hire role.
What you’ll be doing (duties of this position):
- Support the implementations of cybersecurity tools, and the patch and remediation process for workstations, servers, and infrastructure.
- Assess procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction.
- Make improvement recommendations
- Recommend and implement the controls and control systems to protect information integrity against accidental modification, disclosure, or destruction.
- Provide evidence of the performance of controls.
- Assist in providing support of the enterprise vulnerability management program
- Implement procedures that support the Information Security function.
- Provide a single point of contact for security related topics and problems.
- Support access request processing.
- Execute periodic reviews on the security implementation related to security policies, standards and guidelines.
- Conduct research to keep abreast of latest security issues
- Prioritize remediation of gaps based on internal and external audits
- Periodically evaluate network and system security requirements and recommend and develop the necessary modifications to policies, standards and procedures.
- Support Department Managers and Business Units in the execution of their security responsibilities.
- Monitor and assist in implementation of main office and regulatory agencies’ information security standards, policies, and procedures.
- Performs security monitoring and follow-up on incidents. Reports exceptions to senior management when necessary.
- Provides assistance to Department Managers, Operating Support Units and to the Data Owners in the risk assessments of their data and of the systems owned by the lines of business.
- Assist in the development of short and long-term security infrastructure.
- Investigate, evaluate, document and correct actual or potential security exposures when identified and make recommendations for corrective action to senior management and / or Head Office.
- Protect the confidentiality of the organization from unauthorized internal and external threats by conducting periodic reviews of critical applications and systems.
- Evaluate new systems or applications as needed to identify security issues.
- Conduct, with the assistance of external consultant, penetration tests to evaluate internet and intranet security.
- Assist in planning and execution of vulnerability testing for application systems and the network environment
- Prepare security and compliance reports by collecting, analyzing, and summarizing data
- Experience supporting SOX & PCI Compliance by reviewing, reporting, and tracking of key controls
What you’ll need to be considered (requirements):
- Minimum of 4 years of experience in IT Risk, Cyber Security, and/or InfoSec or similar knowledge of information security regulations.
- Working knowledge of security monitoring and scanning tools
- Experience in working with data loss prevention and other data security systems required
- Strong critical thinking expertise to identify incidents and threats, then perform forensic review and analysis to ensure quick resolution.
- Proficient PC and software application skills, especially Excel, Access, PowerPoint.
- Good organizational, writing documentation, reporting and communication skills.
- Excellent interpersonal skills – ability to interact with all levels of staff.
- Understanding of corporate security policies, procedures, and standards.
- Ability to audit, analyze, and assess procedures.
- Knowledge of assorted security tools.
- One or more of the following certifications is a must: Security+, CISSP, CEH, GSEC, CISM, CRIS, and CISA or similar.
- Strong analytical and organizational skills.
- Strong presentation skills
- Spanish proficiency a plus.