Information Security Analyst (Schenectady)

Compensation

: $76,265.00 - $187,860.00 /year *

Employment Type

: Full-Time

Industry

: Information Technology



Loading some great jobs for you...





Overview

The individual will be primarilyresponsiblefor supporting senior colleagues and IT with information security risk assessments, reporting, SIEM event analysis, and related Information Security activities.

Responsibilities

  • Under supervision, assist with conducting technical reviews of IT systems and audit security controls
  • Analyze responses and submitted IT audit and related documentation, and align responses to various risk frameworks (COBIT, NIST, SANS)
  • Identify controls gaps, vulnerabilities, exploits, patches to generate issue lists and mitigation recommendations
  • Develop Visio diagrams for data flow, process mapping and related documents
  • Execute ongoing testing, gap analysis of information security-related policies, practices, and procedures, as well as perform tasks related to monitoring IT infrastructure according to established guidelines
  • Assist with the research, review, development and/or enhancement of information security policies and technical risk documentation, as well as white paper content and/or training programs
  • Assist with creating content for cybersecurity and IT-risk related email alerts
  • Assist with the design of and production of phishing campaign email templates
  • Assist with content generation for end user training
  • Perform ad-hoc work/special projects as necessary to support ACA on various client and internal initiatives

Qualifications

  • Bachelors degree in information technology, computer science, information security and assurance, or similar program; relevant certification (ISC(2), SANS GSEC/GICSP, ISACA, Offensive Security OSCP/OSCE) required
  • One year of practical experience in the areas of information security
  • Knowledge in network architecture and security controls as well as current and emerging information security threats
  • Ability to identify information security risks to the confidentiality, integrity and availability of information systems and client data
  • Familiarity with compliance regulations and security frameworks (SOX, PCI, GLBA, COBIT, FINRA, ISO, NIST,)
  • Familiarity with cloud services (AWS, Azure, Office 365, etc.)
  • Experience with risk and threat assessment, control auditing, vulnerability analysis, information gathering, correlating and reporting
  • Experience with information technology systems: Windows Server, Windows 7/8/10, Mac OS, Active Directory, LINUX, TCP/IP, LAN/WAN, VPN, NAC
  • Knowledge of operation risk assessment methodology, mitigation development, monitoring and reporting
  • Technical knowledge and experience in network architecture, design, and configuration as well as network routing, firewalls, intrusion detection systems, VPN, internet filtering, anti-virus technology, application security, secure email gateways, and PCI and ISO compliant environments
  • Ability to discuss complex technical issues
  • Demonstrated professional integrity
  • Dependable, flexible, and adaptable to new ACA initiatives and changing business needs
  • Ability to work well in a fast-paced, small-team environment
  • Ability to work independently, multi-task and prioritize effectively
  • Ability to establish and maintain effective working relationships with colleagues and clients
  • Highly motivated and goal oriented; proactive in ones own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks
  • Dedicated to upholding ACAs high-quality standards and customer service focus
  • Strong organizational and problem-solving skills with attention to detail
  • Strong oral and written communication skills
  • Proficient with Microsoft Office applications, Adobe Acrobat, and the Internet
  • Willing to travel up to 20 percent
  • Available for travel Monday through Friday on a general basis, outside of normal business hours and weekends

ACA is an equal opportunity employer and does not unlawfully discriminate against current or prospective employees on the basis of race, color, religion, sex, age, national origin, pregnancy, child birth, or a related medical condition, familial status, marital status, sexual orientation, gender identity, gender expression, disability, veteran status, citizenship, ancestry, genetic information, or any other characteristic prohibited by law.

- provided by Dice
Associated topics: forensic, identity, information security, leak, malicious, security, security analyst, security officer, threat, violation * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!

Upload your resume

Loading some great jobs for you...