This position involves the monitoring and targeting mandated regulatory compliance (i.e. PCI), but also compliance with internal audit controls and Partnership-wide security principles, policies, standards, procedures, and minimum security baselines.
Individuals who perform work as an IT Security Analyst I/II are also responsible for working on security projects/issues for a functional area (e.g., data, systems, network and/or Web).
They provide input and recommendations to address security issues that impact other functional areas. They provide technical support to project teams to ensure the company's infrastructure and information assets are protected.
Key Responsibilities:
Policies, Procedures & Standards:
- Proposes improvements and assists in the implementation of enterprise-wide security policies, procedures and standards.
- Monitors compliance with security policies, standards, guidelines and procedures.
- Ensures security compliance with legal and regulatory standards.
Security Support:
- Provides security support to ensure that security issues are addressed throughout the project life cycle.
- Provides responsive support for problems found during normal working hours as well as outside normal working hours.
- Resolves problems and assists with security incident handling.
- Responds to security incidents and assists in forensic investigations.
- Works with teams to resolve issues that are uncovered by various internal and 3rd party monitoring tools.
Security Audits:
- Assists in security audits.
- Inspects security logs to uncover possible security violations (e.g., break-ins, unauthorised activity).
- Checks existing accounts and data access permission requests against documented authorizations.
Risk Assessments:
- Assists in business impact analysis to ensure resources are adequately protected with proper security measures.
- Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Runs security analysis reports using commercial tools or custom scripts and documents gaps.
Information/Data Security:
- Checks existing accounts and data access permission requests against documented authorizations.
- Develops and delivers security awareness programs.
Knowledge, Skills & Abilities:
Required:
- Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
- Typically requires 1 - 3 years of IT work experience, preferably in a compliance-related role.
- Willingness and ability to travel domestically and internationally, as necessary.
Closing Date: Monday, 30 December 2013
To apply for this position, click on; IT Security Analyst I/II
0 comments:
Post a Comment