Our direct client is seeking an Information Security Analyst. This is a contract opportunity.
WHAT ARE WE LOOKING FOR?
Assist Information Security leadership with risk management activities including the preparation of reports for executives that describe risk and security posture.
YOU'LL GET THE CHANCE TO:
- Work with engineers on various initiatives to identify key security concepts, factors and risks to deliver documented findings in clear and concise narratives
- Develop and maintain critical security metrics/KPIs and reports for regular presentation to senior leaders
- Create and maintain technical and security documentation about systems, networks, and processes
- Assist security incident response program to ensure related activities are properly recorded and documentation continuously maintained
- Routinely review and maintain InfoSec standard operating procedures and KB articles
- Develop and maintain complex and ad hoc reports and dashboards for security and risk management data
- Develop and deliver end-user security documentation, user guides, training and awareness material
- Monitor metrics related to security operations and support activities
- Track and report status of remediation items assigned to technology owners to ensure completion. Communicate statuses and escalations to technology leadership.
- Provide support in planning and coordination within the security operations program
- Assist security operation ceremonies and meetings to ensure activities are properly recorded and action items captured and assigned.
WHAT WILL HELP YOU SUCCEED:
- 4+ years security experience
- Splunk and Splunk Enterprise Security Experience required
- Office365 and MS AD security experience a bonus
- Develop & maintain KRIs and KPIs for Cybersecurity program
- Perform data analysis and develop reports
- Strong experience in performing complex data analysis and reporting
- Familiar with commonly used information security concepts, best practices and standard procedures
- An understanding of risk and risk analysis as it pertains to Information Security
- Experience in project management and continuous improvement methodologies
- Knowledge of security controls, and governance and risk management frameworks
- Experience working with and adoption of formal control frameworks such as those published by NIST, ISO, HIPAA or PCI-DSS.
- Strong analytical and problem-solving skills
- Ability to perform analysis on results and use data to derive conclusions
- Communicates analysis using a clear approach
- Resourceful in knowing how to research requirements and find information for documentation purposes
- provided by Dice