Senior Information Security Analyst

Rockleigh, NJ 07647

Posted: 08/12/2019 Employment Type: Direct Hire Job Number: 380

Job Description


Overview

The Senior Information Security Analyst will be a key member of the newly formed Information Security team. This individual will actively contribute to the development and implementation of an enterprise-wide information security and risk management program, and operate as an enabler to the business. S/he will provide high-quality information security governance, risk management, and compliance services.

Responsibilities
  • Engage the business units, such as IT, Finance, Legal, Supply Chain, Sales, and Engineering, to identify information security risks, develop action plans and lead the implementation of controls to reduce risks.
  • Develop organizational information security-oriented policies, processes, procedures, and standards in alignment with the selected information security management system.
  • Develop data protection strategies that include the discovery of key business data, classification criteria, data flow maps, and protective control requirements.
  • Perform gap analysis against security frameworks and security risk assessments on applications, technology projects, and third-party vendor software and solutions.
  • Provide input to the overall risk management strategy, both short and long term, based on the changing threat landscape and overall business objectives.
  • Develop and conduct security awareness training and related activities for the business.
  • Develop, collect, manage and present monthly information security (KRI/KPI) metrics.
  • Lead and foster the growth of the business security champion program.
  • Conduct basic security audits.

Qualifications
  • Minimum of 6-9 years experience in information security and risk management.
  • Bachelors or Masters degree in Computer Science preferably with a focus on Cybersecurity.
  • Professional information security certifications such as the CISSP, CISM, or CRISC.
  • Strong knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series.
  • Knowledge and understanding of regulatory requirements and data types including ePHI, GDPR, HIPPA, and PII.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to both technical and non-technical audiences.
  • Exhibit strong analytical skills the ability to manage multiple projects under strict timelines, as well as the ability to work in a demanding, dynamic environment to meet overall objectives.
  • Ability to led cross-functional, interdisciplinary teams to drive risk mitigations efforts.

#RecruitPS

Meet Your Recruiter

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.
" property="pl-share-desc">

Senior Information Security Analyst

Rockleigh, NJ 07647

Posted: 08/12/2019 Employment Type: Direct Hire Job Number: 380

Job Description


Overview

The Senior Information Security Analyst will be a key member of the newly formed Information Security team. This individual will actively contribute to the development and implementation of an enterprise-wide information security and risk management program, and operate as an enabler to the business. S/he will provide high-quality information security governance, risk management, and compliance services.

Responsibilities
  • Engage the business units, such as IT, Finance, Legal, Supply Chain, Sales, and Engineering, to identify information security risks, develop action plans and lead the implementation of controls to reduce risks.
  • Develop organizational information security-oriented policies, processes, procedures, and standards in alignment with the selected information security management system.
  • Develop data protection strategies that include the discovery of key business data, classification criteria, data flow maps, and protective control requirements.
  • Perform gap analysis against security frameworks and security risk assessments on applications, technology projects, and third-party vendor software and solutions.
  • Provide input to the overall risk management strategy, both short and long term, based on the changing threat landscape and overall business objectives.
  • Develop and conduct security awareness training and related activities for the business.
  • Develop, collect, manage and present monthly information security (KRI/KPI) metrics.
  • Lead and foster the growth of the business security champion program.
  • Conduct basic security audits.

Qualifications
  • Minimum of 6-9 years experience in information security and risk management.
  • Bachelors or Masters degree in Computer Science preferably with a focus on Cybersecurity.
  • Professional information security certifications such as the CISSP, CISM, or CRISC.
  • Strong knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series.
  • Knowledge and understanding of regulatory requirements and data types including ePHI, GDPR, HIPPA, and PII.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to both technical and non-technical audiences.
  • Exhibit strong analytical skills the ability to manage multiple projects under strict timelines, as well as the ability to work in a demanding, dynamic environment to meet overall objectives.
  • Ability to led cross-functional, interdisciplinary teams to drive risk mitigations efforts.

#RecruitPS

Meet Your Recruiter

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.