FT/Perm Position: IT Security Analyst – Denver, CO
DUTIES:
· Works with business units and other internal departments to facilitate IT risk analysis and risk management processes, identify acceptable levels of residual risk, and establish roles and responsibilities relating to information classification and production.
· Exercises awareness in regards to suspicious activity, money laundering or fraudulent behavior as it relates to cash transactions and overall transaction activity and document any such behavior so SAR filings can be considered.
· Participates in the evaluation, development, and implementation of information security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
· Participates as the Information Security/Risk representative for various projects and provides information and guidance to enhance system security in the various stages of its life-cycle.
· Provides thorough documentation of all aspects of the Information Security & Risk Program (including GLBA, HIPAA and other regulatory requirements as applicable).
· Assists with the development and implementation of policies, procedures and standards relating to information security, privacy and incident response.
· Identifies and evaluates business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
· Assists with annual network vulnerability penetration analysis of infrastructure, including firewalls, web, database, application and authentication servers.
· Ensures compliance with all regulations including but not limited to BSA, Reg D,Reg E, Reg P, Reg CC, Reg DD and unclaimed Properties.
· Oversees Business Continuity Planning with all business units to including documentation of plan, training and testing.
· Assists with creating regular security monitoring reports from sources of information security and risk management information.
· Communicates known security risks and solutions to mitigate risks to business and technology partners as needed.
· Monitors, coordinates, and documents progress on remediation items to ensure actions have been taken.
· Assists with research and recommendations of new or upgraded information security-related applications and reports.
· Assists with business continuity initiatives including business impact analysis (BIA) and disaster recovery planning.
· Assists in developing and maintaining departmental website.Provides on-call support for information security issues.
· Manages and conducts security / risk assessments, including vendors and systems.
· Identifies emerging vulnerabilities and evaluating associated risks and threats.
· Provides escalation support to other department support teams when necessary.
· Creates and maintains policies and standard operating procedures (SOP).
· Keeps current with emerging security trends, issues, and alerts.
· Assists with enterprise security architecture and design.
· Aids in end user training.
· Other duties as assigned.
REQUIREMENTS:
· Ability to prioritize work and handle multiple tasks, both long and short term, simultaneously in a fast paced, diverse and growth-oriented environment.
· Ability to effectively communicate verbally and in writing with personnel at all levels within the organization, as well as outside vendors/contacts.
· Experience with Project Management duties (project planning, scope, schedule, status updates and documentation).
· Advanced working knowledge of Microsoft Active directory topology specific to user and resource management.
· Knowledge and experience of the ten Common Body of Knowledge (CBK) domains of Information Security.
· Advanced Microsoft, Network, Information Security training, or identity management vendor-specific training.
· Ability to identify deficient processes/procedures and to develop and implement
· secure solutions.
· Bachelor Degree in Computer Science, Information Systems, or equivalent work experience.
· Minimum eight years’ experience in an IT environment supporting risk management activities.
· Advanced working knowledge of identity and access management processes and systems.
· Strong working knowledge of business continuity planning and disaster recovery.
· Ability to complete projects and assignments on time with minimal supervision.
· Strong working knowledge of intrusion/detection prevention systems (IPS/IDS).
· Ability to work flexible hours in a rotating on-call shift environment.
· Ability to work under tight deadlines within multiple projects.
· Strong working knowledge of event logging/management systems.
· Strong working knowledge of encryption and key management.
· Ability to maintain a high level of confidentiality.
· Strong working knowledge of the risk assessment process.
· Certifications (preferred): CISSP, CISA/CISM, GSEC.
· Knowledge and experience of FFIEC and HIPAA.
US CITIZENS AND/OR GREEN CARD HOLDERS ONLY CAN BE CONSIDERED FOR THIS POSITION. NO EXCEPTIONS AND NO THIRD PARTY AGENCIES.
Should you be interested in the above-listed position, please email a clean copy of your resume (Word format preferred) to jackie@sorcesolutions.com along with 3-5 available times for a telephone prescreening (30 minutes maximum). In order to ensure a response within 48 hours, please be sure to include the position title in the subject line of your response message.
Should you not be interested the above listed position but know of someone who may be - please feel free to forward this message and please let us know who referred you to ensure the referral program is paid as planned. For other positions, check out our website listings at www.sorcesolutions.com.
If you are looking for a new position and have not sent us an updated resume within the last 6 months - please do so. Having the most up to date information will allow us the opportunity to match you to new/approved positions as soon as they open!
Jacqueline M. Sorce
Owner/President - Sorce Solutions, Inc.
Follow us on Twitter @SorceSolutions
Check us out on Facebook at www.facebook.com/SorceSolutionsInc
Sign up for our mailing list and receive the latest job notifications at http://www.sorcesolutions.com/subscription.html
| Reply via web post | Reply to sender | Reply to group | Start a New Topic | Messages in this topic (1) |
