Job Openings Security Analyst (IT) US - IGTWLF

About the job Security Analyst (IT) US - IGTWLF

The Security Analyst will be responsible for assisting in the maintenance and improvement of our Client's cybersecurity maturity. The Security Analyst must be able to work in a team environment, communicate well with others, and be able to meet deadlines. The analyst position will provide support to business lines, the IS Department, and Executive Leadership on security-related matters

Qualifications:

  • Graduate of BS in Information Technology, Computer Science, or any related field
  • At least 3 to 4 years of experience in information security and compliance roles, preferably in a regulated industry
  • Strong understanding of security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework)
  • Has in-depth knowledge of security technologies and tools, such as firewalls, SIEM, IDS/IPS, encryption, etc.
  • Certification in Security+ (CompTIA), Certified Incident Handler (GIAC), and/or Information Security Professional (GIAC) is an advantage but is not required
  • Strong critical thinking and problem-solving skills
  • Excellent written and verbal communication skills
  • Must be willing to work in a hybrid arrangement and in a night shift schedule

Responsibilities:

  • Manage the IT risk assessment process;
  • Update control documentation;
  • Manage client/prospect due diligence requests;
  • Perform third-party due diligence activities;
  • Review and update third-party risk assessments;
  • Perform ongoing third party risk management activities;
  • Monitor software inventory;
  • Monitoring vulnerability scans;
  • Responding to security alerts;
  • Monitor patch management compliance with policies;
  • Monitor configuration baseline compliance with standards;
  • Review user access;
  • Assist in updating the Incident Response Plan;
  • Support the SOC 2 audit, penetration testing, and other audits;
  • Manage security awareness training;
  • Manage phishing tests;
  • Monitor phishing mailbox;
  • Monitor threat intelligence;
  • Provide recommendations for information security program enhancements;
  • Research, review, and assess security products and solutions;
  • Document data flows;
  • Support ongoing projects; and
  • Assist in other security and IS projects as necessary.

Or refer someone