Pleasanton Categories:
Information Security Analyst Ellie Mae
THIS JOB HAS EXPIRED
DescriptionInformation Security Analyst
The role participates in the development and operations of best practice corporate IT security services, enabling the assessment, execution, monitoring and auditing of our information security across Ellie Mae. This position reports to the Information Risk Management Office.
Responsibilities:
Participate in design of Information Security solutions using industry standard best practices, regulatory guidelines, and corporate policy
Create and maintain project-related documents (security controls assessments / risk assessments)
Research and evaluate security technologies
Participate in cross-domain, cross-functional matrix project teams to implement solutions in a highly collaborative manner
Efficiently manage multiple simultaneous tasks, providing consistent record of all activities, while handling confidential work with discretion
Is accountable to providing timely reporting on all project deliverables
Act as an extension of the IRM Office enforcing Security policy, information standards, and IT procedures
Evaluate and recommend security solutions to any given project, serving as a subject matter expert by providing recommendations from security perspective to technology solutions being developed or maintained internally or externally
Conduct security assessments for projects, hold security reviews against internal or external solutions being developed or maintained
Execute periodic security assessments/audits partnering with internal or external organizations to cover: information security, infrastructure penetration tests, ethical hacking, process security assessment
Coach and develop security practices and skills across Ellie Mae departments
Lead and manage IT Security initiatives as well as interact with other departments
Qualifications:
Good working knowledge of one or many of the Security frameworks ISO/IEC 27002:2005, COBIT 4.1 - 5, COSO, HITrust CSF, PCI DSS V2, FISMA - NIST 800-53, NIST 800-39, BITS, SOC 2 Trust Principles
Demonstrated success in IT Security audit, controls assessment, and compliance standards review reporting
Maintain an exceptional level of documentation including diagrams, security standards, manuals, and project papers
Ability to effectively engage and communicate as directed with a variety of audiences both technical and non-technical staff
Must be able to explain complex systems and technical topics to others who may have minimal technical knowledge using oral, written and visual presentations
Working knowledge of infrastructure security concepts including firewalls, DMZs, intrusion detection/prevention systems, network security, virtualization, desktop, laptop and mobile
Working knowledge of application security concepts including password management, RBAC, provisioning, data and code security management
Knowledge of data protection policies, procedures and products, privacy rules & regulations, data security, encryption, digital rights management, data loss prevention
Strong working knowledge of IT security concepts including disaster recovery, penetration/vulnerability assessment, task organization, role segregation, role engineering and security-centric QA
Strong analytical, organizational, and time management skills. Must be able to quickly conceptualize and explain new methods, processes and procedures for practical application
Must be self-directed, with the ability to work alone or in teams, with minimal oversight, driving positive results in difficult circumstances while maintaining attention to detail
1 or many certifications in good standing to include: CISSP, CSSLP, CISA certification, CISM certification, CIPP certification, GIAC, GCFA
Work Experience and Education Guidelines:
Required:
BS in Information Technology, Information Systems, or related discipline
6+ years of experience in Information Security
Preferred:
6+ years of experience in a medium to large sized IT Organization, preferably within mortgage loan origination or financial services.
2+ years working as an IT Security Auditor for a large audit firm
| Location: | Pleasanton, CA United States |
|---|
THIS JOB HAS EXPIRED
Ellie Mae
Investors: Alloy Ventures, Alta Partners, Windspeed VenturesAll Jobs: at Ellie Mae
| Web Site: | www.elliemae.com |
|---|---|
| Headquarters: | 4140 Dublin Boulevard Suite 300 Dublin, CA 94568 United States |
| Industry: | Software |
Support Ellie Mae with Social Media services
Find more Information Security Analyst jobs
