Security Analyst
Gullview Technologies on behalf of a client is seeking a Senior Security Analyst to report to the IT Director. Gullview Technologies is an exciting and rapidly growing technology company focused on taking on the most vital and challenging business and technical challenges our clients face in our highly connected business world today. We have an exceptional focus at Gullview on developing deep and long-lasting relationships (several years and counting) with our clients. This focus enables us to deliver an ongoing continuum of projects and solutions to them with high value, meaningful impact, and predictable performance.
Senior
Primary Duties and Responsibilities:
- Research and stay informed of potential information security threats, industry trends, emerging technologies and response alternatives
- Recommend improvements to information security policies, procedures and guidelines.
- Access, monitor and assist with recommended improvements to security procedures for user access creation, modification and removal
- Assist with assessing, tracking and reporting any security exceptions and incidents as they arise
- Maintain, manage and monitor company compliance with security control frameworks such as PCI, SOX IT controls and NIST
- Engage in regular assessment for the current IT security environment to identify weakness and work with IT management to develop opportunities for improvement
- Weigh business needs against security concerns to articulate issues and recommend options
- Participate in the design, development and delivery of security training programs and needed policies
- Responsible for shared 24x7 coverage of the infrastructure and applications that the team supports. Will require occasional after-hours work and after-hours on-call duties.
- Assist with evaluation, use and recommendations for security improvements and tool acquisition
- Evaluate, adjust and conduct required compliance audits
- Complete customer security questionnaires as needed
- Supervises - None Qualifications:
Requirements
- A Bachelor degree or Associates degree in Information Technology, Information Systems, Computer Science, Engineering preferred
- 4 to 6 years’ experience working in a corporate environment in a security or IT role
- Thorough understanding of information security controls, risks and threats
- Thorough understanding of enterprise security technologies (VPN, VDI, Firewalls, Encryption IDP and Antivirus)
- Knowledge of information security standards, data privacy laws, computer crime laws, etc
- Knowledge of information security audit and assessment methodologies, policies, standards, procedures and best practices Supporting Skills Desired:
- Excellent customer service orientation
- Good communication skills
- Ability to work with global users at many technological levels
- Excellent work ethic, positive attitude and sense of urgency
- Ability to manage multiple priorities
- Knowledge of areas of compliance related to PCI, NIST, SOX and/or ITAR.
Certified in one of the following: Certified Information Systems Security Professional (CISSP) or Certified Security Analyst (CSA)
- Strong knowledge of Microsoft Windows Server and Linux environment.