Information Security Analyst

Provide recommendations for new or modified policies, standards, and/or guidance documents based on changing technologies & security climate;
 
Facilitate use of technology-based tools or methodologies to review, design and/or implement IT security products and services;
 
Design and support enterprise IT security solutions that may be comprised of hardware and software components;
 
Identify security risks and exposures by participating in security reviews, evaluations and risk assessments;
 
Evaluate website vulnerabilities utilizing automated privacy or security scan tools and external vendor services scanning services;
 
Prepare reports of key metrics for application security, information security, and/or compliance with governmental laws and regulations for presentation to management of all levels;
 
Conduct security assessments of systems and applications using penetration tests and risk assessment / mediation methodologies to evaluate vulnerabilities;
 
Monitor and maintain security databases for enterprise identity management / user provisioning
 
Degree Holder or above in Information Technology or related discipline
 
Minimum 4-6 years of combined IT and security, audit, compliance related work experience
 
4 years’ experience in information security / risk management
 
Security, audit, or compliance certifications such as CISA, CISSP, GSE, SANS, SOX Certifications are desired

Read Less