Role : Information Security Analyst Location : Media, PA (No Remote Work)
Duration : 06 Months Plus
Visa : Any
Rate : $65
End Client : Confidential till resume selection
Job Description:
The Information Security Risk & Compliance Analyst is responsible for supporting and maintaining the information security program to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Customer operates.
This role supports all day-to-day operations, functions and capabilities relating to technology risk and compliance. The role supports the Information Security compliance program and is responsible for operating Customer’s technology risk management processes, maintaining Customer’s technology related Information Security policies, and completing risk assessments of technology related initiatives.
Basic Requirements:
o Minimum of 5 years of experience in a combination of incident response, information security and IT.
o Understanding of relevant legal and regulatory requirements, such as: Payment Card Industry Data Security Standard.
o Understanding and experience assessing and securing AWS and related service and O365 and related services.
o Degree in technology-related field preferred, or equivalent work- or education-related experience.
o Professional security management certification is required, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), GIAC Information Security Professional (GISP), or other similar credentials.
o Advanced knowledge of common information security management frameworks, such as ISO/IEC 27001, Critical Security Controls, and NIST 800-53 and Cybersecurity Framework.
o Knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS\IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
Principal Duties:
Support the Risk & Compliance Department
o Support the completion of assessments of the operational effectiveness of the security controls and supports any required remediation.
o Identify and document cyber risks and manage mitigation and follow up on open security risks. Report issues to IT stakeholders.
o Execute information security testing for all areas of the technology operating environment (e.g., infrastructure reviews, penetration testing, vulnerability scanning, application reviews, cloud, and mobile technology review) with a focus on AWS IaaS and related services, infrastructure as code and related orchestration tools and concepts, O365 and related services, and Azure.
o Assist in the execution of Customer's information security program, including meeting PCI compliance requirements.
o Assist with cross-department remediation project tasks in multiple workstreams. Act as lead for IT focused remediation projects.
o Develop and update of information security policies and standards.
o Provide technical support and expertise related to tools used to perform security and vulnerability assessments. Assist with ad-hoc vulnerability compliance reporting and follow up with support partners to ensure all identified vulnerabilities are being addressed.
o Provide support to Information Security Incident Response team during cyber incidents.
o Validate that information security requirements are built into architectures and new technology projects.
o Act as a technical information security consultant for internal business teams and the IT department to implement and support new and existing technologies.
o Assist in the technical deployment of security solutions that enhance Customer's information security architecture.
o Maintain foundational knowledge of Payment Card Industry (PCI) Data Security Standard compliance by keeping apprised of changes to the standard, evaluating new systems for impact and supporting annual PCI audit.
Essential Functions:
o Ability to work well individually as well as in a team environment.
o Excellent written and verbal communication skills, interpersonal and collaborative skills.
o Up-to-date knowledge of methodologies and trends in both information security and IT.
o Poise and ability to act calmly and competently in high-pressure, high-stress situations.
o Must be a critical thinker, with strong problem-solving skills.
o Ability to manage one or more projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
o Ability to lead internal security technology projects and security remediation projects with limited dependencies on external IT teams.
o High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
o High degree of initiative, dependability and ability to work with little supervision while being resilient to change.
o Ability to be on-call 24x7x365 rotation for information security reviews of emergency changes and to support for information security incidents.
o Ability to lead, mentor and influence others.
Please Note:
o Candidate with valid LinkedIn ID & Genuine references will have a strong point to get an interview
o Please share your resume if above requirement match with you
o Mention your visa status & current location in the email
o Apply only if you are willing to relocate to Media, PA.
Kind & Regards
Mustafa Fouzan
Resource Manager
linkedin.com/in/mustafafouzan
ResourceInformaticsGroup, Inc(RIG)
400 E Royal Ln, Suite 218, Irving, TX 75039 Email:**********| cell: 972-366-5085|Fax:972-692-8663(F)
www.RIGUSINC.com|E-Verified Company
Stay Safe Stay Indoors Break the Viral Chain
