Lead Security Analyst

The Lead Security Analyst will report directly to the Chief Risk Officer. The individual will be responsible for monitoring compliance of our information security program across the entire infrastructure. Security program elements include: firewall, data transmission, advanced mal ware prevention, data loss prevention, intrusion detection/prevention systems, cloud services, VPN, etc. The candidate will work with leadership to develop strategies and plans to enhance security, identify, and close risks/gaps, and to enforce the company's information security policies. This role requires a strong technical background and familiarity of traditional and emerging security technologies and practices. The activities of this role will be split between day-to-day operations activities and providing guidance to stakeholders or new and existing infrastructure related projects. The candidate must be able to work independently with minimal supervision, interact effectively with IT, Security, and Business leaders.

Key Responsibilities

• Align with and support the execution of the Information Security Program vision and strategy.

• Provide assistance in the implementation, maintenance, and monitoring of the information security program into in-scope operational areas (gap analysis, risk assessment, third party assessments, procedure/specification development, execution of recurring procedures, incident response).

• Identify, analyze and communicate security vulnerabilities.

• Serve as an information security subject matter expert and trusted advisor.

• Understand current as well as emerging security threats and assist in the design of application architecture to mitigate threats where possible

• Clearly and concisely communicate in both written form and verbally to leadership and Management.

• Review security features of newly implemented systems, ensuring they meet existing security requirements and policies, review proposed changes to existing policy as conditions warrant.

• On a day to day basis, the candidate will review reports to identify threats. Reports may be generated from tools such as: such as Net Profiler, Imperva, Fire Eye and FirePower.

Minimum Qualification Requirements 

A baccalaureate degree from an accredited college and four years of relevant satisfactory full-time experience