Back to Search

Information Security Analyst

Date Posted: 4/12/2019

Apply Now

Job Description

Position Overview
The Sr. Information Security Analyst is responsible for assessing all information risks and facilitating remediation of identified vulnerabilities for the Information Security Office and IT risk across the enterprise. This highly analytical individual will be responsible for leading program maturity efforts and initiatives in collaboration with operations and engineering departments.
 
Essential Functions

  • Investigate and identify patterns of continued technical security issues and weaknesses and design solutions to prevent future re-occurrences. 
  • Conduct technical security training where appropriate to different lines of business and IT.  This may involve transference of skills to others where a new information security process has been established. 
  • Advise internal lines of business, IT partners, and 3rd parties on how to remediate technical security issues and verify remediation activities.
  • Responsible for in-depth technical security testing of company websites, infrastructure, and applications using a combination of automated & manual commercial/ open-source tools. 
  • Responsible for Technical and Executive level reports on technical security issues.
  • Design, document, and implement technical information security processes, procedures, guidelines, and solutions.
  • Function as primary incident response handler directing IT and other departments during security incidents, including evidence preservation, corrective action, and preventive actions.
  • Aid in the implementation, maintenance, and monitoring of the information security program into in-scope operational areas (gap analysis, risk assessment, third party assessments, procedure/specification development, execution of recurring procedures, incident response)
  • Align with and support the execution of the Information Security Program vision and strategy
  • Meet with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards
 
Qualifications
One or more of the following certifications strongly preferred:
  • CEH (Certified Ethical Hacker) or equivalent web/application security testing qualification
  • CISSP (Certified Information Systems Security Professional)
  • CISA (Certified Information Systems Auditor)
  • IT/Security Vendor Certifications (e.g. Cisco, Microsoft, RSA)
  • Forensic experience or certification (EnCE and ACE)
  • GIAC/ GSEC (Global Information Assurance Certification - Security Expert)
  • GIAC/ GCIA (Global Information Assurance Certification - Certified Intrusion Analyst)
  • GIAC/ GCIH (Global Information Assurance Certification - Certified Incident Handler)
 
Requirements
Total experience typically 5+ years in an Information Security position with the following minimums:
  • Three years of application security testing  & vulnerability testing
  • Two years of experience in secure software development
  • Two years of hands-on Unix experience
  • Two years of hands-on infrastructure security
  • Understanding of emerging technologies in IT such as Cloud Platforms and Mobile as well as the associated security risks.
  • Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST, as well as audit and SOC2 experience a huge plus.


We are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with cr

Job Requirements

Requirements
Total experience typically 5+ years in an Information Security position with the following minimums:
• Three years of application security testing & vulnerability testing
• Two years of experience in secure software development
• Two years of hands-on Unix experience
• Two years of hands-on infrastructure security
Understanding of emerging technologies in IT such as Cloud Platforms and Mobile as well as the associated security risks.
Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST, as well as audit and SOC2 experience a huge plus.
Posted By: bcougle@ledgent.com

Apply Now Send to a Friend

Job Snapshot

  • Employee Type:Full-Time
  • Location:Los Angeles, CA
  • Job Type:I.T.
  • Experience:Not Specified
  • Education:Not Specified
  • Date Posted:4/12/2019
  • Contact: Briawna Cougle (310) 598-7092
  • Pay Range: $130,000.00 - $150,000.00 Annually
Get Job Alertsby Email
  • Receive alerts with new job opportunities that match your interests
  • Receive relevant communications and updates from our organization

Sign Up Now


Job Reference: JO-1904-56035