Senior Information Security Analyst
Company Name:
HomeServe
### Job Description
HomeServe USA is a leader in supplying homeowners with worry-free warranty services that provide peace of mind. Our incredible growth rate is fueled by a dynamic team of individuals who value teamwork, collaboration and providing exceptional customer service while maintaining a work atmosphere that''s fun and friendly. HomeServe USA is part of a global organization that serves millions of customers in the US, UK, France, Germany, Italy, Canada and Spain.
We''re strong, stable and growing.
The Sr. Information Security Analyst is responsible for supporting the architecture, implementation, and ongoing maintenance of the information security program and ensuring the confidentiality, integrity, and availability of all corporate assets. Responsible for the design and operation of security solutions to ensure solutions are implemented in accordance with industry standards and best practices. This role is required to participate in the creation of and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conduct risk and vulnerability assessments. This position requires communication with development teams, infrastructure teams, and business areas.
In addition, this position will be required to work with the corporate internal audit department, federal regulations and industry compliance programs such as the Payment Card Industry Data Security Standards (PCI DSS).
_Detailed Job
Responsibilities:_
Perform risk analysis for corporate functional and technical areas relevant to data security.
Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and standards such as: SIEM, IDS/IPS, HIDS, malware analysis, logical access controls, identity and access management, data loss prevention, vulnerability scanners, forensics software.
Manage a threat and vulnerability management program to include ongoing penetration testing, vulnerability scanning, data loss prevention, and threat assessments.
Create and maintain data security documentation, policies, standards, and procedures.
Recommend and enforce minimum security baselines for IT platforms and technologies.
Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security.
Conduct risk assessments for network, applications, 3rd party service providers, and other information security business drivers.
Responsible for executing programs for user awareness, compliance monitoring, and security compliance, which includes: maintaining information security solutions, monitoring compliance requirements (i.e. PCI DSS), and resolving security policy issues.
Manage relationships with 3rd party providers of security monitoring and tools to ensure information assets are being protected.
Responsible for providing incident response support during off hours as needed.
Research and maintain a knowledge base of information security trends comprising a technical reference library, security advisories and alerts, and laws and regulations.
All other duties as assigned
### Skills/Requirements
## _Education, Training and Certification_
Undergraduate degree in the field of computer science or equivalent;
Industry certifications required CISSP, CISM, or CISA; CEH, or GIAC certifications preferred
Some travel may be required up to 10%
## _Business Knowledge and Technical Experience_
5
years' experience in IT Security
Experience must include security standards development, security education, penetration testing, vulnerability assessments, risk assessment, account management, and compliance testing
Proficient knowledge of information security standards and controls, (e.g. ISO 27001, COBIT, NIST, PCI DSS) rules and regulations related to information security and data confidentiality for desktops, servers, applications, databases, and networks devices
Working knowledge of and strong familiarity needed with several key security technologies: SIEM solutions, DLP, Malware protection, Cryptography, Forensic software, IDS/IPS, File Integrity solutions, Identity Management, Firewalls, and Active Directory
Strong analytical and problem solving skills are necessary
Excellent verbal, written, and interpersonal communication skills
Ability to interact and build strong relationship with all levels of the organization
A practiced ability to influence peers, customers, and project teams to make security minded decisions and changes.
Effective time management, project management, and organizational skills
Ability to handle multiple projects simultaneously within established time constraints
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Must be able to work independently as well as in a team environment.
Ability to maintain confidentiality
In return we offer:
Competitive compensation and benefits
Career development and advancement opportunities
Relaxed business attire throughout the week
Friendly, open and team oriented work atmosphere
Excellent benefits including medical, vision, dental and life & disability insurance
401(k) plan with a company match
HomeServe USA is an equal opportunity employer.Estimated Salary: $20 to $28 per hour based on qualifications.
HomeServe
### Job Description
HomeServe USA is a leader in supplying homeowners with worry-free warranty services that provide peace of mind. Our incredible growth rate is fueled by a dynamic team of individuals who value teamwork, collaboration and providing exceptional customer service while maintaining a work atmosphere that''s fun and friendly. HomeServe USA is part of a global organization that serves millions of customers in the US, UK, France, Germany, Italy, Canada and Spain.
We''re strong, stable and growing.
The Sr. Information Security Analyst is responsible for supporting the architecture, implementation, and ongoing maintenance of the information security program and ensuring the confidentiality, integrity, and availability of all corporate assets. Responsible for the design and operation of security solutions to ensure solutions are implemented in accordance with industry standards and best practices. This role is required to participate in the creation of and/or maintenance of policies, standards, baselines, guidelines, and procedures as well as conduct risk and vulnerability assessments. This position requires communication with development teams, infrastructure teams, and business areas.
In addition, this position will be required to work with the corporate internal audit department, federal regulations and industry compliance programs such as the Payment Card Industry Data Security Standards (PCI DSS).
_Detailed Job
Responsibilities:_
Perform risk analysis for corporate functional and technical areas relevant to data security.
Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and standards such as: SIEM, IDS/IPS, HIDS, malware analysis, logical access controls, identity and access management, data loss prevention, vulnerability scanners, forensics software.
Manage a threat and vulnerability management program to include ongoing penetration testing, vulnerability scanning, data loss prevention, and threat assessments.
Create and maintain data security documentation, policies, standards, and procedures.
Recommend and enforce minimum security baselines for IT platforms and technologies.
Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security.
Conduct risk assessments for network, applications, 3rd party service providers, and other information security business drivers.
Responsible for executing programs for user awareness, compliance monitoring, and security compliance, which includes: maintaining information security solutions, monitoring compliance requirements (i.e. PCI DSS), and resolving security policy issues.
Manage relationships with 3rd party providers of security monitoring and tools to ensure information assets are being protected.
Responsible for providing incident response support during off hours as needed.
Research and maintain a knowledge base of information security trends comprising a technical reference library, security advisories and alerts, and laws and regulations.
All other duties as assigned
### Skills/Requirements
## _Education, Training and Certification_
Undergraduate degree in the field of computer science or equivalent;
Industry certifications required CISSP, CISM, or CISA; CEH, or GIAC certifications preferred
Some travel may be required up to 10%
## _Business Knowledge and Technical Experience_
5
years' experience in IT Security
Experience must include security standards development, security education, penetration testing, vulnerability assessments, risk assessment, account management, and compliance testing
Proficient knowledge of information security standards and controls, (e.g. ISO 27001, COBIT, NIST, PCI DSS) rules and regulations related to information security and data confidentiality for desktops, servers, applications, databases, and networks devices
Working knowledge of and strong familiarity needed with several key security technologies: SIEM solutions, DLP, Malware protection, Cryptography, Forensic software, IDS/IPS, File Integrity solutions, Identity Management, Firewalls, and Active Directory
Strong analytical and problem solving skills are necessary
Excellent verbal, written, and interpersonal communication skills
Ability to interact and build strong relationship with all levels of the organization
A practiced ability to influence peers, customers, and project teams to make security minded decisions and changes.
Effective time management, project management, and organizational skills
Ability to handle multiple projects simultaneously within established time constraints
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Must be able to work independently as well as in a team environment.
Ability to maintain confidentiality
In return we offer:
Competitive compensation and benefits
Career development and advancement opportunities
Relaxed business attire throughout the week
Friendly, open and team oriented work atmosphere
Excellent benefits including medical, vision, dental and life & disability insurance
401(k) plan with a company match
HomeServe USA is an equal opportunity employer.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
