A.C. Coy

  • Sr Security Analyst

    Job Locations US-PA-Pittsburgh
    Posted Date 2 weeks ago(4/11/2018 9:28 AM)
    Job ID
    2018-17897
    # of Openings
    1
    Category
    Information Technology
  • Overview

    Our client, is seeking a Sr Security Analyst for a Direct Hire role.  This role will primarily be responsible for designing security solutions and advancing the security program oversight capabilities of the Bank. The successful candidate will assist in furthering the maturity of the security program to address emerging security risks.  Candidates should have five or more years of related work experience.

    Responsibilities

    • Leads and provides technical consultation, in collaboration with Security Operations, on information security architecture and design requirements
    • Leads and participates on project working teams and ensures security standards are designed and implemented appropriately on new capabilities and technology
    • Uses software tools and technology to manage security posture
    • Monitors and manages compliance with security standards
    • Identifies security incidents across all technology platforms and manages incident response process, including lessons learned
    • Performs third-party vendor security risk reviews, including analysis of vendor responses and reports (e.g., SOC 1, SOC 2 and ISO 27001)
    • Assists with third-party security threat and vulnerability assessment activities and serves as a lead architect of third-party security monitoring services and associated tools/portals
    • Participates in the development of security policies and procedures and monitors compliance to ensure safe and sound business operations
    • Maintains knowledge of new security threats, vulnerabilities and industry solutions, as well as security technology trends and advances

    Qualifications

    • Five or more years of experience in information security or a combination of information security and IT/IS Audit or related discipline
    • Strong working knowledge of information security best practices, technology control frameworks (e.g., NIST CSF and COBIT) and information security risk management standards
    • Knowledge of vendor security risk management practices (e.g., SIG Questionnaire, SSAE18)
    • Knowledge of information technology service management processes and related control activities in the areas of change management, computer operations, database administration, information security administration, network security, operating system security and web application security
    • Knowledge of current tools/practices for developing and publishing policies, procedures, metrics and other information
    • Knowledge of security design in cloud and mobile architectures
    • Knowledge of vulnerability management and configuration management toolsets (e.g., Qualys)
    • Knowledge of security event monitoring and data access governance tools (e.g., Log Rhythm, StealthBits)

    Education: 

    • Bachelor’s degree in information systems or related field or an equivalent combination of education and work experience

    Certification: 

    • Security: CISSP, CISA, CRISC, preferred
    • Technical: AWS Certified Solutions Architect, CCNA, CSSLP, OWASP, preferred

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed