The Sr. Information Security Analyst performs a broad range of complex technical and professional work functions to identify, investigate, analyze, and remediate information security events. They will lead security administration and service operations functions to ensure enterprise integrity against technical and physical risks. This position determines the effectiveness of security controls, identifies risks and control gaps, and communicates areas for process improvement and solutions through the security governance process.
The Sr. Information Security Analyst will conduct security assurance and compliance reviews on select third-party vendors and company systems. This position will be required to determine Information Security compliance posture for all systems, including cloud and on-premises environments. They will be required to assess the compliance of vendors based on the contractual agreement and, where applicable, governing regulations or laws. In some cases, the Sr. Information Security Analyst will be required to conduct on-site audits, which may include travel. They will work as part of the overall Compliance committee and will be called upon to contribute new ideas, solve complex problems, innovate processes and streamline methodologies to increase and improve information security compliance.
1. Research and recommend solutions to fulfill regulatory compliance requirements in our legacy on-premises and cloud-based environments.
2. Contribute to new control design, risk assessments and control rationalization efforts for compliance and operational processes.
3. Collaborate with key stakeholders in Security, Internal Audit and our external auditors to deliver the successful execution of compliance.
4. Streamline and coordinate testing activities across multiple business units.
5. Provide consultation and advice to stakeholders on their SOX, GDPR, and additional compliance requirements and deliverables while providing best practice insight.
6. Assist the IT Director and Compliance Managers with board, executive and management-level reporting metrics, materials and dashboards.
7. Develop, update, and maintain compliance documentation covering all in-scope systems and supporting technology.
8. Assist in the research and recommendation of hardware and software solutions to augment or enhance existing compliance measures as needed.
9. Lead projects related to security and compliance remediation.
Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
- Demonstrate ethics and integrity according to the company's principles and values.
- Display drive and purpose while exhibiting leadership stature.
- Be self-accountable and admit when mistakes are made.
- Candidate must demonstrate a high-level understanding of the financial budget when carrying out assigned responsibilities, coupled with good financial management practices.
- Candidate must develop awareness of their leadership style.
- Candidate must have great interpersonal skills, communicate clearly, and use precise writing techniques.
- Works independently and is responsible for meeting committed deadlines.
- Inspires, motivates, and guides others toward goal accomplishment.
- Empowers others by sharing power, authority, and information.
- Consistently encourages, develops, sustains, and rewards cooperative working relationships.