Information Security Analyst

The Information Security Analyst plays a leading role in driving information security analysis and vulnerability remediation. This role is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security. The Information Security Analyst will work with IT and other departments to promote secure practices and improve information security processes and policies. The position will be responsible for identifying vulnerabilities in a system and can implement security controls to eradicate and/or mitigate the exploit. The positions require effective verbal and written communication skills to provide good customer service. The position is located in San Jose, CA. Analyzes and vets vulnerabilities then validate vulnerabilities are remediated

Schedules and performs regular vulnerability scanning activities in the corporate network

Reviews security vulnerabilities to identify risks to computing assets

Provides technical vulnerability analysis and remediation options

Reduces vulnerability by improving remediation and patch management process

Leads discussions with internal stakeholders to ensure remediation efforts adhere to Company standards

Familiarity with Qualys and Nessus vulnerability scanner

Familiarity of Network and Web Application Penetration testing

Ability to report and present findings to a non-technical audience

Assists with IT Operations request as necessary

Performs other similar duties as assigned

Bachelor's degree in Computer Science, Information Systems and/or 1-3 years experience in an information security role

Certified Information Systems Security Professional (CISSP), Certified Internal Systems Auditor (CISA), Certified Ethical Hacker (CEH) or other security certification desired

Must have excellent written and verbal communication skills

Provide excellent customer service

Detail oriented

Ability to exploit recognized vulnerabilities

Good problem solving and troubleshooting skills with experience exercising mature judgement

Excellent teamwork and interpersonal skills

Demonstrated ability to learn new skill such as penetration test validation and security patching

Exhibit good organizational skills to analyze, develop, and deliver detailed reports meeting tight schedules

Valid California Driver License

Upon hire, must provide proof of COVID-19 vaccination status

Knowledge and ability to evaluate, assess, and implement IT risk mitigation processes and procedures

Knowledge of network security controls and vulnerability management

Working knowledge of information security standards, rules, and regulations including International Organization for Standards (ISO) 27001, 27002, National Institute of Standards and Technology (NIST), and Defense Federal Acquisition Regulation Supplement (DFARS)

Demonstrated knowledge of network, server, mobile devices, application, and database security principles for risk identification and analysis

Demonstrated knowledge and ability to work effectively with auditors, customers, consultants, employees, and vendors

Demonstrated analytical and problem solving skills

Demonstrated time management and organizational skills

Flexible and able to prioritize work