Saturday, August 3, 2019

Information Security Analyst

Location: San Francisco CA 94105
Job: Information Security Analyst
Contract: 6 months +


Description:


Job Title: Information Security Analyst

As an information security analyst, you will be responsible for analyzing and streamlining operational tasks and process to protect client against adversaries. Your primary responsibility would be to drive our Policy Exception process to ensure client has visibility on the risks it is incurring from employees. When reviewing policy exceptions, you will be responsible for articulating risks to the business, identifying and recommending workarounds and mitigations, and escalating if required. Additionally, you will perform vendor risk assessments and ad-hoc security related operational tasks. You will also research the latest threat activities and provide threat assessment reports, evangelizing security to protect client against these and other threats.


Primary Responsibilities:
. Review policy exceptions submitted by client''s employees. Work with the business to help them understand the risks regarding the policy exception. Identify improvements to the policy exception workflow and areas for automation.
. Perform Third-party reviews, work with key stakeholders within client including Procurement, Legal and business teams to complete risk assessments on third-party providers. Provide guidance on security improvements and integration recommendations.
Work across Cloud Security, Incident response, risk and compliance and product security teams to solve critical security problems.
. Improve client''s ability to better protect its environment through design, development, and implementation of security analytics, assessment, and correlation and response systems to effectively use client''s security investments.

Required Skills & Qualifications:
. Bachelor''s degree (B.A.) in computer science or related field, or equivalent work experience
. 1-2 years' experience in network and system security
. Background in Windows, Linux
. Knowledge of risk assessment process and controls frameworks like ISO27002. Additional familiarity with compliance certification including SSAE 16, ISO27001, GDPR, etc is required.
. Knowledge of OWASP top 10 vulnerabilities
. Knowledge of network and internet architecture
. Excellent analytical skills, organizational skills, ingenuity and the ability to work as part of a team
. Excellent communication skills and ability to deal with conflict and lead negotiations.
. Advanced interpersonal skills to effectively promote ideas and collaboration at the various levels of the organization

If you have another job in mind, feel free to forward this to a friend who may be a fit and call/e-mail me with specifics on the job that you think fits you best! You can view all of our open positions here. Please note: The Rose International Recruiting Team has reached out to you because your resume was either submitted to one of our subscribed job websites or Rose International's Hot Jobs page. We hope that you find value in our e-mail notifications as you continue to consider options for your professional career.

Yash Malik
Recruiter
Office: (636) 812-4000, ext. 6733 | Cell: (636) 529-3514
E-mail: ymalik@roseIT.com