Senior Information Security Analys Five9
THIS JOB HAS EXPIRED Job Overview:
Reporting to the Information Security Officer, the Senior Information Security Analyst is responsible for risk assessment reviews based on application, data, and technology architectures and solution designs, information security policy development and maintenance; design of security policy education, training, and awareness activities; monitoring compliance with company security policy and applicable law; and coordinating investigation and reporting of security incidents. Also to monitor, assess, and apply corrective actions to the business continuity and disaster recovery program. Also contributes to information security projects to protect company information assets.
This position combines project based work (30 to 70%) with operational assignments (30 to 70%).
Assess information security risks of new projects and non-standard IT requests using risk assessment methodologies based on provided architecture. This will require practical use and understanding of advanced security protocols and standards, and solid knowledge of information security principles and practices.
Implement risk assessment processes on a yearly basis as part of company risk management standard, also for all technology changes as part of change management process, and for all technology projects as part of PMO methodology.
Manage information security policy lifecycle including policy creation, maintenance, and decommission, policy exception/waiver management process and policy change requests.
Audit and enforce internal information security policy compliance, establish and control security awareness.
Implement in practice software and security architectures, security practices of Intranet and Extranet.
Evaluate and develop approach to solutions to address protection of information assets.
Proactively assesses potential items of risk and opportunities of vulnerability in the network.
Interact with internal and external customers on security-related projects and operational tasks.
Participate in 24x7 Information Security Response team.
Specific technology knowledge:
UNIX, Windows, Linux, Network LAN and WAN, Firewalls, Access controls, Authentication, Authorization, Encryption, IDS/IPS, Digital Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture, Proxy services, UML, BPMN.
Knowledge in compliance/standards area:
ISO 27001/27002/27005, PCI, HIPAA (and other industry specific), ISO/IEC 31010, ITIL, related NIST standards. COBIT and TOGAF/IAF are a plus.
||San Ramon, CA |
THIS JOB HAS EXPIRED