|Published||September 11, 2022|
|Location||White Plains, NY|
URGENT!!!! Hire for Product Analyst Cybersecurity with our client.
If Interested please share your updated resume at
Location: White Plains, NY ( Hybrid work 2-3 days in office)
Duration: 12+ Months
About the Job:
Design and implement IT security for the Danone North America. Works closely with team members, end users, and other IT departments to design, implement, support, and maintain Vendor Management process, manage information security related audit requirements, and vulnerability management on our web presence.
Security Analysts will monitor for changes in cyber/human activity, security application alerts, vulnerabilities, cyber threats, and then identify and communicate course of action for remediation.
The position can be based in our office in our US or Mexico offices
• Handle Cybersecurity components of the vendor management process end to end, from initial and periodical vendor Cybersecurity vetting, risk analysis of the potential purchased solution, and security amendments in the contract
• Enhance support and maintain the web application vulnerability program with various tools (Qualys experience a plus) .
• Timely respond to security threats by initiating appropriate requests as well as managing team’s ticketing queue
• Project management skills and capability of managing multiple projects simultaneously as well as using standard tools
• Experienced with information security metrics, Excell dashboards or other data analysis tools (Power BI , Splunk etc.)
• Provide metrics and dashboards on all activities performed and documentation for status reports ( KRI and KPI’s)
• BCP / DR extensive knowledge – plan revisions, maintenance, testing
• Support and respond to audit procedures and findings. Ability to effectively adapt to rapidly changing technologies and apply them to business needs.
• Strong knowledge and understanding of business and business processes; strong business planning skills.
• Familiarity with Data Privacy legislation (GDPR, CCPA,LGPD, or other pending state specific privacy legislations) and understanding of Data Privacy concerns within the business environment.
• Knowledge of pertinent legal controls (PCI, HIPAA); understanding of compliance requirements and ability to convey that understanding to users, support staff and Management.
• Champion security policy and “best practices” within the business environment.
• Communicate and share Cybersecurity best practices with in non-technical terms with customers, employees, and management.
Process & Projects:
• Technology processes, IT Platforms ( Azure, Service Now, O365, vulnerability management, email filtering etc), DR and BCP planning, and/or end users.
• Large scale cybersecurity project on premise , in the cloud or hybrid.
• Agile frameworks and delivery models
Impact on Business Results:
Security issues represent a critical challenge for businesses. As data breaches become increasingly common, even among the world's largest companies, maintaining the security and privacy of customers is a major concern for businesses and the IT organizations that support them. Benefits of IT security compliance for your business are avoiding fines and penalties, protecting business reputation, enhance data management capabilities, promotes operational benefits, supports access control and accountability.
• Applicable information security management, governance, and compliance principles, practices, laws, rules, regulations and frameworks NIST, ISO, PCI-DSS, HIPAA, Data Privacy, GDPR
• Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols
• Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration
• Information systems auditing, monitoring, controlling, and assessment process
• Incident response management
• Risk assessment and management methodology.
Skills and qualifications:
• Bachelor’s degree in Computer Science, Information Systems, Business Administration, Engineering, or other closely related field required. Or equivalent experience.
• 5+ years of experience with system security is desired.
• 1 to 2 years of experience in the administration of IT devices and networking. Network Administration and Network Security experience a plus
• CompTIA - Security+ preferred. Other certifications CISM, CISA, CISSP a big plus
• Deep understanding of Windows security, Active directory, Group policies, Network protocols.
• Rudimentary hands-on software and hardware configuration experience.
• Capability to interpret, understand and remediate penetration test results.
• Vulnerability management lifecycle skills
• ICS (Industrial controls systems), SCADA security experience a plus
• Deep understanding of NIST, ISO2700, PCI DSS, HIPAA, GDPR and Data privacy requirements and control mapping
• Business Process understanding (Distribution industry preferred)
• Understanding of Application flow (ability to interpret processing in a network computing environment) and Application security
• Excellent MS Excel skills on multiple topics: pivot tables, graphs, analysis, macros etc.
• Effectively communicate technical issues to diverse audiences, both in writing and verbally
• Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process
• Evaluate and update and/or revise program materials
• Learn quickly and apply knowledge to new situations
• Handle sensitive and confidential matters, situations, and data
- provided by Dice