Information Security AnalystMJ Boyd Consulting • New York, New York, United States
Information Security Analyst
MJ Boyd Consulting
- New York, New York, United States
- New York, New York, United States
À propos
Job Duties
Recommend and implement the controls and control systems to protect information integrity against accidental modification, disclosure, or destruction.
Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.
Provide a single point of contact for security-related topics and problems.
Participate in technical and non-technical projects requiring information security oversight to ensure policies, procedures, and standards are met.
Serve as a liaison for the security team.
Serve as an additional security team member, aiding in incident response (IR) with the IR and security operations center (SOC) teams.
Provide evidence of the performance of controls.
Support the patch and remediation process for workstations, servers, and infrastructure.
Support the implementation of cybersecurity tools.
Implement procedures that support the Information Security function.
Execute periodic reviews on the security implementation related to security policies, standards, and guidelines.
Monitor and assist in the implementation of Head Office and regulatory agencies’ information security standards, policies, and procedures.
Perform security monitoring and follow-up on incidents. Reports exceptions to senior management when necessary.
Assist in the development of short and long-term security infrastructure.
Investigate, evaluate, document, and correct actual or potential security exposures when identified and make recommendations for corrective action to senior management and/or Head Office.
Provide security awareness training to employees.
Keep abreast of regulatory changes in data security.
Perform security reviews of vendors as needed.
Protect the confidentiality of the Bank from unauthorized internal and external threats by conducting periodic reviews of the bank’s critical applications and systems.
Evaluate new systems or applications as needed to identify security issues.
Conduct, with the assistance of an external consultant, penetration tests to evaluate the bank’s internet and intranet security.
Track and report open issues and facilitate their resolutions.
Experience / Qualifications / Skills
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent.
At least 3-5 years of information security experience (or a combination of 3 to 5 years of IT system administration with security).
Expertise in incident response and system monitoring and analysis.
Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.
3 to 5 years of experience with Information Security Standards and Frameworks (SANS, NIST CSF, NIST 800-53, ISO, SOX, PII, CIS, FFIEC etc.).
Understanding of federal, state, and local regulations pertaining to Information Security and data privacy and, in particular, DFS 500 Cybersecurity Regulation.
Working knowledge of Privilege Access Management and controls.
Working knowledge of Intrusion detection, and Incident Management.
Working knowledge of SSL, web certification/key management, and DNS.
Working knowledge of SIEM implementations, operations, and best practices.
Working knowledge of IDS/IP technologies and services offerings.
Working knowledge of WAF and of OWASP.
Understanding of creating and maintaining hardened operating system images.
Understanding of DLP policies, procedures, and standards with the ability to contribute to the organization’s.
Understanding of email filtering, policies, and procedures to secure corporate email systems.
Good organizational, writing documentation, reporting, and communication skills.
Excellent interpersonal skills – ability to interact with all levels of staff.
Understanding of corporate security policies, procedures, and standards.
Ability to audit, analyze, and assess procedures.
Knowledge of assorted security tools.
Strong analytical and organizational skills.
Spanish proficiency is a plus.
Certifications: SANS GSEC, GCIA (and related), CISSP (a plus).
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.